摘要
提出了一种基于安全从属关系的分布式网络入侵检测模型。当某个网络结点遭到入侵时,该模型能自动评估入侵的网络范围,并自动响应来阻止对下一个网络结点的入侵。该模型采用了本地代理与中央代理分布式协同工作模式来分析入侵,与传统的集中式分析模式相比,具有明显的优势。
In this paper a new distributed network intrusion detection model is presented. In our model, security dependency relation (SDR) is defined to describe the inherent security relations among different network nodes, and ripple effect analysis is used to detect, assess, and prevent intrusions based on SDRs. In order to improve the scalability and efficiency of our approach, the distributed cooperative process method of local agents and central agents is used to analyze intrusion. This method is more effective than the traditional concentrative process method.
出处
《杭州电子工业学院学报》
2004年第6期20-24,共5页
Journal of Hangzhou Institute of Electronic Engineering
基金
浙江省自然科学基金项目(Y104426)
浙江省教育厅高校科研计划项目(20040457)
关键词
网络安全
分布式入侵检测
入侵评估
水波效应分析
安全从属关系
network security
distributed intrusion detection
intrusion assessment
ripple effect analysis
security dependency relation
