| 协同分布式入侵检测系统模型 |
| |
| 引用本文: | 杨小平,窦昱. 协同分布式入侵检测系统模型[J]. 计算机工程与应用, 2002, 38(15): 241-243,246 |
| |
| 作者姓名: | 杨小平 窦昱 |
| |
| 作者单位: | 中国人民大学信息学院,北京,100872 |
| |
| 摘 要: | 由于入侵行为存在相关性,单纯依靠其中独立的检测器来准确地发现和阻止入侵行为是非常困难的,同样地在整个网络系统里单纯依靠分布式入侵检测系统来准确地分析、发现和阻止入侵行为也是非常困难的,如何实现分布式入侵检测系统中的各个检测器间的协同以及将入侵检测系统与现有的或将有的安全系统协同工作是一件非常迫切和重要的任务。该文提供了一个新的解决方案,它既可以根据需要,随时实现自动高效地配置相互间具有协同能力的入侵检测器,又可以做到和网络上的其他安全系统之间的协同。从而可以极大地减轻网络管理员的安装配置压力,实现自动、高效、一致地保证整个网络系统安全。
|
| 关 键 词: | 入侵检测 协同 分布式 Agent STAT |
| 文章编号: | 1002-8331-(2002)15-0241-03 |
A Co-operation Distributed Intrusion Detection System Model |
| |
| Yang Xiaoping Dou Yu. A Co-operation Distributed Intrusion Detection System Model[J]. Computer Engineering and Applications, 2002, 38(15): 241-243,246 |
| |
| Authors: | Yang Xiaoping Dou Yu |
| |
| Abstract: | With the increasing of co-relation of the intrusion activities,it is difficult for a stand-alone sensor to collect data,analyze them and then response against the intrusion activities,and at the same time ,the stand-alone distributed intrusion detection system(IDS)faces the same thing.How to implement the co-operation between the different sensors in the distributed IDS and the co-operation between the various security systems such as firewall,virus defense system,security OS and even security applications is a more important and critical task in current IDS field.This article pro-vides a new solution for building a highly configurable,effective and consistent distributed IDS with the co-operation between the different sensors in the same IDS and the co-operation with other security systems automatically to meet the increasing security needs,and in return such IDS system will greatly lessen the pressure of network administrators and increase security of the whole network. |
| |
| Keywords: | intrusion detection system(IDS) co-operation distributed Agent STAT |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
