摘要
提出了一种基于智能体技术的自适应入侵检测系统体系结构,将智能体技术和自适应模型生成技术应用于入侵检测系统中。智能体技术的应用解决了传统的集中式入侵检测系统的弊病,将任务处理和数据分布到网络各个结点上,通过各种智能体来协作完成入侵检测任务,充分利用网络和主机资源。而智能体与自适应模型生成技术相结合,采用遗传算法建立准确的数据模型,使得入侵检测系统能够自动配置和更新不同环境下的入侵检测模型,能够通过自我学习、自我改进来提高系统的入侵检测能力和适应能力。
An agent-based self-adaptive intrusion detection system is presented. Compared with the traditional centralized intrusion detection system the new system distributes tasks and data to every node in the network and uses a set of various cooperation agents to perform the intrusion detection. Hence it can make full use of the resources of the hosts and the network. This system integrates agents with self-adaptive model generation and adopts a genetic algorithm to create accurate data models. It can configure the parameters and renew the intrusion detection models on the fly. Through self-learning and self-improvement the detection ability and the self-adaptability of the system can be increased.
出处
《成都信息工程学院学报》
2004年第4期535-540,共6页
Journal of Chengdu University of Information Technology
关键词
自适应模型生成
入侵检测
智能体
遗传算法
self-adaptive model generation
intrusion detection
agent
genetic algorithms