
Design of a Multi-Agent-Based Distributed Intrusion Detection System (cited by: 1)

An Distributed Intrusion Detection System Model Based on Multi-agent
Abstract: Based on an analysis of existing agent-based intrusion detection systems, a multi-agent distributed intrusion detection system model is proposed. The model adopts a distributed-detection, distributed-response approach, and the agents are largely independent of one another. The overall system structure is built on multi-agent principles; the components of the model are presented, and the functional design of the various agents and the central console in the structure is analyzed. Preliminary design and analysis are also given for the feature matching, dynamic election and cooperation algorithms involved. The system can make full use of cooperation among the agents to carry out intrusion detection tasks and respond in real time, and can effectively improve on traditional IDS.

An intrusion detection system (IDS) aims to increase the security of a computer system by dynamically monitoring various features and parameters of the system so as to detect intrusions as early as possible. In this paper, a distributed IDS (DIDS) model based on multi-agent technology is proposed by analyzing existing agent-based IDSs; it adopts distributed detection, distributed response and the multi-agent approach. The paper describes all the component parts of the DIDS model and analyzes the functional design of each kind of agent and of the control centre. To improve the performance of the control centre, a reasoning algorithm must be presented to solve the problem of judging uncertain access. Furthermore, the algorithms for feature matching, dynamic election and cooperation are discussed preliminarily. The proposed DIDS can make full use of all kinds of information to cooperatively complete detection and respond in real time, which effectively improves on the traditional DIDS.
Source: Computer & Digital Engineering (《计算机与数字工程》), 2009, No. 6, pp. 102-106 (5 pages)
Keywords: distributed intrusion detection system, multi-agent, feature matching, cooperation