Issue No. 03 - May/June (2009 vol. 24)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MIS.2009.42
Martin Rehák, Czech Technical University
Michal Pechoucek, Czech Technical University
Martin Grill, Czech Technical University
Jan Stiborek, Czech Technical University
Karel Bartoš, Czech Technical University
Pavel Celeda, Masaryk University
An application of agent-based data mining for near-real-time detection of attacks against computer networks and connected hosts is based on processing network traffic statistics provided by high-speed network monitoring cards and using a set of known anomaly-detection techniques to identify anomalous behavior. The individual anomaly-detection methods have relatively high error rates that make them unfit for most practical deployments. Using an agent-based trust modeling technique, the Camnep system fuses the data provided by the anomaly-detection methods and progressively builds a better classification with an acceptable error rate. The system uses agent-based self-adaptation techniques to dynamically align its structure with changes in network traffic structure and attacks.
network intrusion detection, data mining, multiagent systems, trust
J. Stiborek, M. Pechoucek, M. Grill, M. Rehák, K. Bartoš and P. Celeda, "Adaptive Multiagent System for Network Traffic Monitoring," in IEEE Intelligent Systems, vol. 24, no. 3, pp. 16-25, 2009.