CAMNEP: Agent-Based Network Intrusion Detection System
Original title: CAMNEP: Agent-Based Network Intrusion Detection System
Authors: Martin Rehák, Michal Pěchouček, Pavel Čeleda, Jiří Novotný, Pavel Minařík
We present a prototype of an agent-based intrusion detection system designed for deployment on high-speed backbone networks. The main contribution of the system is the integration of several anomaly detection techniques by means of collective trust modeling within a group of collaborative detection agents, each featuring a specific detection algorithm. The system is based on traffic statistics in NetFlow format acquired by dedicated hardware-accelerated network cards, and is able to perform real-time surveillance of gigabit networks.