摘要
提出了一种基于立体式Agent的分布式入侵检测系统的模型。该模型是一种开放的结构,具有很好的扩充性,采用了有中心控制能力的模块和有一定独立控制和处理能力的并行Agent的检测单元,并能跟踪入侵的信息,对其行为进行裁定和处理。同时采用了一定的状态检测机制和数据签名策略,保证了Agent的自身和通信的安全。
The framework model proposed in this paper is a distributed intrusion detecting system based on a tridimensional agent.The framework is an open system, which has good scalability. It adopts a central controlling module and a detecting module for side-by-side agent, which can dependently control and process. It also can track in and note the intrusing data, then test it. The state-checking mechanism and policy of authentication in this model ensure the security of the agents themselves and the communication among them.
出处
《计算机工程》
CAS
CSCD
北大核心
2005年第7期160-162,165,共4页
Computer Engineering
关键词
立体式入侵检测
分布式模型
AGENT通信
协作预警
裁定
Tridimensional intrusion detecting
Distributed model
Agent communications
Cooperation presentiment
Arbitrament
