摘要
文章介绍了一种基于分层结构的网络入侵检测模型,它包括以下三部分:一个中心控制级检测模块,多个主机级检测模块和网络代理级检测模块。它们之间通过代理协同检测网络行为,实现实时入侵检测。另外,还介绍了各部分之间的通信机制。
The proposed architecture for this hierarchical intrusion-detection system consists of the following components:a host manager(a monitoring process or collection of processed running in background)in each host;a network manager for monitoring each net in the system;and a central manager which is placed at a single secure location and which receives reports from various hosts and net managers to process these reports,correlate them,and detect intrusions.These three components complete their communication through a kind of agent (namely,TransAgent ).
出处
《计算机工程与应用》
CSCD
北大核心
2003年第35期142-144,共3页
Computer Engineering and Applications
基金
山东省自然科学基金资助项目(编号:Y2001G09)
关键词
网络安全
入侵检测
自治代理
Network Security,Intrusion Detection,Agent
