Joint research effort with Institute of Computer Science, Masaryk University. under Contract No. N62558-07-C-0001 and Czech Ministry of Education grants 1M0567, 6840770038 (CTU) and 6383917201 (CESNET)

Project CAMNEP consists of two activities:

  • The collaborative agent-based Network Behavior Analysis system which has been deployed on real networks and is able to perform on-line surveillance of gigabit-speed links and
  • The prototype of Intrusion protection System running inside a network simulator. Use of the simulation allows us to investigate the problems related to autonomous response to self-propagating malware and Denial of Service attacks in local networks. The essential system components are:
    • multi-agent simulation, used to implement the simulated network hosts and create traffic with natural characteristics;
    • trust, which is used to classify the traffic as either legitimate/malicious using the feedback from host-based IDS/IPS systems;
    • reflective agents, located on network nodes (routers) used to implement the response and enforce automatically created filtering policies;
    • distributed learning, which has been applied to distribute the intrusion detection process into between several peer nodes and
    • Extended Contract Net Protocol used to efficiently distribute the filters between the nodes with filtering capability.

Screenshots

CAMNEPCAMNEPCAMNEP