Curious Agents for Network Anomaly Detection
Funded by a UNSW@ADFA Early Career Researcher Grant in 2010, this project is developing curious agent approaches to anomaly detection in computer networks. Curious agents use embedded online, single-pass, unsupervised learning algorithms to analyse data. They thus have the potential for real-time, adaptive network traffic analysis. The models are analysed and compared using common benchmark datasets such as the KDD Cup dataset. Results have shown that curious agents can detect network intrusions, and are particularly successful at detecting rare attack classes. The main weakness of the approach is a high false positive rate. This work has been accepted for publication at the International Conference on Autonomous Agents and Multiagent Systems in 2011.