Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research
On the Value of Coordination in Distributed Self-Adaptation of Intrusion Detection System
WI-IAT '11 Proceedings of the 2011 IEEE/WIC/ACM International Conferences on Web Intelligence and Intelligent Agent Technology - Volume 02
Towards efficient flow sampling technique for anomaly detection
TMA'12 Proceedings of the 4th international conference on Traffic Monitoring and Analysis
Agent-based simulation of cooperative defence against botnets
Concurrency and Computation: Practice & Experience
Distributed self-organized collaboration of autonomous IDS sensors
AIMS'12 Proceedings of the 6th IFIP WG 6.6 international autonomous infrastructure, management, and security conference on Dependable Networks and Services
Automatic network intrusion detection: Current techniques and open issues
Computers and Electrical Engineering
Self-organized collaboration of distributed IDS sensors
DIMVA'12 Proceedings of the 9th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
| Hi-index | 0.00 |
An application of agent-based data mining for near-real time detection of attacks against the computer networks and connected hosts is based on processing network traffic statistics provided by high-speed network monitoring cards and using a set of known anomaly-detection techniques to identify the anomalous behavior. The individual anomaly-detection methods have relatively high error rates that make them unfit for most practical deployments. Using the agent-based trust modeling technique, the Camnep system fuses the data provided by anomaly-detection methods and progressively builds a better classification with an acceptable error rate. The system uses agent-based self-adaptation techniques to dynamically align its structure with the changes in network traffic structure and attacks.