| 分层协作入侵检测系统研究 |
| |
| 引用本文: | 蔡媛媛,王乘,张锋.分层协作入侵检测系统研究[J].计算机仿真,2004,21(3):133-136. |
| |
| 作者姓名: | 蔡媛媛 王乘 张锋 |
| |
| 作者单位: | 华中科技大学工程计算与仿真研究所,湖北,武汉,430074 |
| |
| 摘 要: | 互联网在给广大互联网用户提供方便的同时也更加方便了黑客在不同地点、不同时刻发起对远程网络或主机的攻击。针对这些分布式攻击模式,该文提出并论述了一个基于Agent的分布式入侵检测系统的框架及其实现。引入这种分层协作IDS的主要目的是为了克服单一的主机入侵检测系统以及网络入侵检测系统的某些缺陷。在分布式网络环境中,不同的系统主体在各自安全域中执行彼此的独立安全策略;同时,这些系统主体通过相互协作构成上一级安全域。系统框架参考目前流行的通用入侵检测框架CIDF构建,通过经过扩展的CISL实现不同组件间的通讯及协作。
|
| 关 键 词: | 入侵检测系统 分层协作 智能体 网络安全 计算机网络 防火墙 |
| 文章编号: | 1006-9348(2004)03-0133-04 |
| 修稿时间: | 2002年12月23 |
Research on Layered Cooperating Intrusion Detection System |
| |
| CAI Yuan-yuan,WANG Cheng,ZHANG Feng.Research on Layered Cooperating Intrusion Detection System[J].Computer Simulation,2004,21(3):133-136. |
| |
| Authors: | CAI Yuan-yuan WANG Cheng ZHANG Feng |
| |
| Abstract: | With the fast development of network, hackers develop the abilities to attack remote hosts in different places and times through Internet and they have successfully attack many networks by distributed attacks. In this paper we present the framework and implementation of a layered Cooperating Intrusion Detection System (IDS) based on agent. The main focus in layered cooperating IDS is to overcome the design shortcomings of most currently available host based IDS and network based IDS. This paper explores the use of the formal approach in the Common Intrusion Detection Framework (CIDF), and describes Layered Cooperating Intrusion Detection System (LIDS) based on the extension to the common intrusion specification language (CISL). |
| |
| Keywords: | Intrusion detection system(IDS) Agent Layered cooperation CIDF |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
