Foreign-language journal: Expert Systems with Application

A self-organising multi-agent system for decentralised forensic investigations


Abstract

As network-based threats continue to evolve more rapidly, detecting and responding to intrusion attempts in real-time requires an increasingly automated and intelligent response. This paper provides an agent-based framework for the analysis of cyber events within networks of varying sizes to detect complex multi-stage attacks. Agents are used as intelligent systems to explore domain specific and situational information showing the benefit of adaptive technologies that proactively analyse security events in real time. We introduce several algorithms to encapsulate and manage the traditional detection technologies and provide agent-based performance introspection as a mechanism to identify poorly performing systems. Our evaluation shows that the algorithms can reduce the amount of processing needed to analyse a security event by over 50% and improve the detection rate by up to 20% by introducing corrective systems to reduce false alarm rates in error-prone environments. (C) 2018 Elsevier Ltd. All rights reserved.
