
Autonomous network management model through adaptive data flow analysis (front: forensic analysis and event recognition based on data flows)

Grant number: 07/06138-3
Support type: Scholarships in Brazil - Scientific Initiation
Effective date (Start): January 01, 2008
Effective date (End): December 31, 2008
Field of knowledge: Physical Sciences and Mathematics - Computer Science - Computer Systems
Principal Investigator: Adriano Mauro Cansian
Grantee: André Proto
Home Institution: Instituto de Biociências, Letras e Ciências Exatas (IBILCE). Universidade Estadual Paulista (UNESP). Campus de São José do Rio Preto. São José do Rio Preto, SP, Brazil

Abstract

This project proposes the development and consolidation of a model for an intelligent computer network management and security system, based on automated data flow analysis. The model builds on the flow export architecture of the NetFlow standard (standardized by the IETF, the Internet Engineering Task Force, as the IPFIX standard), combined with adaptability concepts from Artificial Intelligence (AI). In this way, it is intended to develop a complete architecture for the defense of computational environments. Data flows can provide detailed information about network behavior. Neural networks are characterized by their efficiency in pattern recognition. Combining these two methodologies allows fast traffic analysis in a scalable and efficient way, making it possible to describe network activities step by step. This description will allow a wide range of network events to be investigated in real time, using signatures that represent them. This model is a pioneering one in the automated analysis of data flows, offering characteristics important to a computer security system, such as scalability in high-speed network surveillance and fast detection of attempted illicit activities (such as worms), intrusions and denial of service (DoS) attempts, which are considered the major threat on the Internet these days.