- Contact Person: Martin Rehák
- Key Partners / Sponsorship: European Research Office of the US Army and Czech Ministry of Education
- Years: 2006 -
- CAMNEP Project Page
Joint research effort with Institute of Computer Science, Masaryk University. under Contract No. N62558-07-C-0001 and Czech Ministry of Education grants 1M0567, 6840770038 (CTU) and 6383917201 (CESNET)
Project CAMNEP consists of two activities:
- The collaborative agent-based Network Behavior Analysis system which has been deployed on real networks and is able to perform on-line surveillance of gigabit-speed links and
- The prototype of Intrusion protection System running inside a network simulator. Use of the simulation allows us to investigate the problems related to autonomous response to self-propagating malware and Denial of Service attacks in local networks. The essential system components are:
- multi-agent simulation, used to implement the simulated network hosts and create traffic with natural characteristics;
- trust, which is used to classify the traffic as either legitimate/malicious using the feedback from host-based IDS/IPS systems;
- reflective agents, located on network nodes (routers) used to implement the response and enforce automatically created filtering policies;
- distributed learning, which has been applied to distribute the intrusion detection process into between several peer nodes and
- Extended Contract Net Protocol used to efficiently distribute the filters between the nodes with filtering capability.
Screenshots