Title :
Network Intrusion Detection by Means of Community of Trusting Agents
Author :
Rehak, Martin ; Pechoucek, Michal ; Bartos, K. ; Grill, Martin ; Celeda, Pavel
Author_Institution :
Czech Tech. Univ. in Prague, Prague
Abstract :
We apply advanced agent trust modeling techniques to identify malicious traffic in computer networks. Our work integrates four state-of-the-art techniques from anomaly detection, and combines them by means of extended trust model. Deployment of trust model ensures interoperability between methods, allows cross-correlation of results during various stages of the detection and ensures efficient evaluation of current traffic in the context of historical observations. The goal of the system, which is designed for online monitoring of high-speed network, is to provide efficient tool for targeted runtime surveillance of malicious traffic by network operators. We aim to achieve this objective by filtering out the non-malicious (trusted) part of the traffic and submitting only potentially malicious flows for subsequent semi-automatic inspection.
Keywords :
computer networks; multi-agent systems; open systems; security of data; telecommunication security; telecommunication traffic; agent trust modeling technique; anomaly detection; computer network intrusion detection; cross-correlation method; interoperability; malicious traffic identification; online monitoring; subsequent semiautomatic inspection; Computer networks; Context modeling; Filtering; High-speed networks; Intrusion detection; Monitoring; Runtime; Surveillance; Telecommunication traffic; Traffic control;
Conference_Titel :
Intelligent Agent Technology, 2007. IAT '07. IEEE/WIC/ACM International Conference on
Conference_Location :
Fremont, CA
Print_ISBN :
978-0-7695-3027-7
DOI :
10.1109/IAT.2007.67
