Title :
A federated network online network traffics analysis engine for cybersecurity
Author :
Shaoning Pang; Yiming Peng; Tao Ban; Daisuke Inoue; Abdolhossein Sarrafzadeh
Author_Institution :
Department of computing, Unitec Institute of Technology, New Zealand
Date :
7/1/2015 12:00:00 AM
Abstract :
Agent-oriented techniques are being increasingly used in a range of networking security applications. In this paper, we introduce FNTAE, a Federated Network Traffic Analysis Engine for real-time network intrusion detection. In FNTAE, each analysis engine is powered by an incremental learning agent for capturing attack signatures in real time, so that the abnormal traffic resulting from new attacks is detected as soon as it occurs. Owing to the effective knowledge sharing among multiple analysis engines, the integrated engine is theoretically guaranteed to perform more effectively than a centralized analysis system. We deployed and tested FNTAE in a real-world network environment. The results demonstrate that FNTAE is a promising solution for improving system security through the identification of malicious network traffic.
Keywords :
"Engines","Merging","Computer security","IP networks","Artificial neural networks","Switches"
Conference_Title :
Neural Networks (IJCNN), 2015 International Joint Conference on
Electronic_ISBN :
2161-4407
DOI :
10.1109/IJCNN.2015.7280563