| 基于多代理的协同分布式入侵检测系统模型 |
| |
| 引用本文: | 陈晓苏,林军,肖道举. 基于多代理的协同分布式入侵检测系统模型[J]. 华中科技大学学报(自然科学版), 2002, 30(2): 92-95,104 |
| |
| 作者姓名: | 陈晓苏 林军 肖道举 |
| |
| 作者单位: | 华中科技大学计算机科学与技术学院 |
| |
| 摘 要: | 给出了一种基于多代理的协同分布式入侵检测系统模型(CDIDS),该模型依靠基于主机的代理HIDA和基于网络的代理NIDA,运用异常检测与特征检测相结合的方式进行有效的入侵检测;在分布式的网络环境下,系统通过入侵检测控制中心实现检测/响应模块的协同工作,为单个主机的攻击与大规模的网络入侵提供应对策略,并采用协议分流的方式提高NIDA模块的性能。
|
| 关 键 词: | 分布式结构 入侵检测系统 代理 协同工作 网络安全 入侵响应 检测机制 |
| 文章编号: | 1671-4512(2002)02-0093-03 |
Cooperative distributed intrusion detection system based on multi-agent |
| |
| Chen Xiaosu Lin Jun Xiao Daoju Prof., College of Computer Sci. , Tech.,Huazhong University of Science and Technology,Wuhan ,China.. Cooperative distributed intrusion detection system based on multi-agent[J]. JOURNAL OF HUAZHONG UNIVERSITY OF SCIENCE AND TECHNOLOGY.NATURE SCIENCE, 2002, 30(2): 92-95,104 |
| |
| Authors: | Chen Xiaosu Lin Jun Xiao Daoju Prof. College of Computer Sci. & Tech. Huazhong University of Science Technology Wuhan China. |
| |
| Affiliation: | Chen Xiaosu Lin Jun Xiao Daoju Prof., College of Computer Sci. & Tech.,Huazhong University of Science and Technology,Wuhan 430074,China. |
| |
| Abstract: | This paper proposes a type of Cooperative Distributed Intrusion Detection System (CDIDS) based on multi agent. The effective detection can be performed by host based agents and network based agents using the mixed mode of behavior based anomaly detection and knowledge based signature detection in this mode. The detection agents and response agents can be cooperate under the control of Intrusion Detection Control Center (IDCC) in the distributed environment of network. That can take counter measures against both the attack on single host and the large scaled intrusion and use QoS to distribute data stream to NIDAs for improving the performance. |
| |
| Keywords: | distributed architecture intrusion detection system agent cooperate |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
