Project information

Reflective-Cognitive Adaptation for Network Intrusion Detection Systems (CAMNEP II)

Project Identification
W911NF-08-1-0250
Project Period
6/2008 - 12/2009
Investor / Programme / Project type
U.S. Army RDECOM Acquisition Center
MU Faculty or unit
Institute of Computer Science
Keywords
intrusion detection, network behavior analysis, multi-agent system, trust, anomaly detection, programmable hardware
Cooperating Organization
Czech Technical University Prague
Faculty of Electrical Engineering CTU

The goal of the CAMNEP II project is to combine high-bandwidth network traffic acquisition devices with a distributed and adaptive multi-agent system to deliver a concept of an efficient, effective and self-managing Network Intrusion Detection System (NIDS). The system would be deployed on the backbone links of one or more network operators to detect malicious traffic while minimizing the rate of false positives and false negatives that renders current systems less effective. The attack detection process will rely on cooperation within a community of trusting agents, each specialized in one aspect of traffic characteristics. We aim to further reduce the system's operational costs by providing basic self-adaptation capabilities, using coordination methods from the multi-agent field and adaptive software/hardware in the traffic acquisition layer. System operation and adaptation will be supervised and regulated via an advanced user interface that would proactively seek additional information for each incident and will also allow policy specification.

Publications

Total number of publications: 6