A multi-agent integrated analysis engine for decentralized network traffic monitoring
Citation: You, L. (2014). A multi-agent integrated analysis engine for decentralized network traffic monitoring. An unpublished thesis submitted to Unitec Institute of Technology in fulfilment of the requirements for the degree of Master of Computing.
Permanent link to Research Bank record: http://hdl.handle.net/10652/2526
The advent of decentralized systems has been considered immense progress compared to existing centralized systems. In this research, we present an extensible, flexible, stable and, to the utmost, decentralized network traffic analysis system. The core module of the system is a set of collaborative real-time analysis engines/agents capable of acting actively in a knowledge-sharing environment and conducting fast and precise interpretation of security-related information. In building the communication foundation for multi-agent coordination, a new TCP/IP and UDP hybrid communication protocol is proposed, which ensures smooth and stable information exchange between agents and preserves network communication privacy. The developed integrated network traffic engine exhibits (1) collective intelligence of multiple analysis engines; (2) resilience of a decentralized security system; and (3) privacy preservation of encrypted network communications.