EvilOctal Information Security Team Technical Discussion Group's Archiver

EvilOctal 2005-10-18 00:35

[Repost] A Distributed Intrusion Detection System Based on Mobile Agents

Author: Du Ruizhong, Hebei University

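Abstract: Building on an analysis of current intrusion detection systems, this paper proposes a distributed intrusion detection system based on collaborative mobile agents. Data collection agents first move randomly through the network and gather suspicious information, and intrusion detection agents then perform the intrusion detection analysis. The migration capability of mobile agents is used to detect distributed and coordinated attacks, and their mobility, flexibility, adaptability, cross-platform operation and code reusability are used to overcome the low efficiency, poor portability, limited flexibility and poor upgradability of current intrusion detection systems, providing an effective defensive measure against today's distributed attacks.
Keywords: information security; intrusion detection; firewall; network security; distributed intrusion detection; mobile agent
CLC number: TP311           Document code: A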
Abstract: Based on analysis of the current intrusion system, a distributed intrusion detection system based on collaborative mobile agents is proposed in the paper. First, the DCA collects information as it randomly moves around the network. The DCA then transfers the information it has collected to an IDA, which will analyze the probability of intrusion. The system makes use of the properties of mobile agents, such as mobility, flexibility, adaptability, operating in heterogeneous environments, and reusing code, to overcome a number of shortcomings of currently deployed IDSs, such as lack of efficiency, lack of portability among monitored environments, limited flexibility, etc.
Keywords: Information Security; Intrusion Detection; Firewall; Network Security; Distributed Intrusion Detection; Mobile Agent

© 1999-2008 EvilOctal Security Team