摘要
传统的 IDS 在 WAN 上配置时,通常会出现计算瓶颈和维护更新不易等问题。本文提出了一种基于移动代理的新型分布式入侵检测系统(Mobile Agent DistrIhuted IDS)。MADIDS 是针对 WAN 环境专门设计的,数据的处理通过各节点所设置的代理来进行分布式计算,不仅能实现全网络范围内的入侵检测功能,具有良好的可移植性;而且对网络系统和主机的资源占用较低,减少出现网络瓶颈的可能。文中建立了 MADIDS 的体系结构和理论分析模型,并讨论了 MADIDS 的维护更新机制。
When traditional Intrusion Detection System (IDS) is used to detect and analyze in WAN, it usually causes the computation bottleneck. This paper presents a new Mobile Agent Distributed IDS (MADIDS) system based on the mobile agents. This system is specifically designed for WAN. In MADIDS, the agents that are set at each node process the data transfer by distributed computation architecture. It has the ability of intrusion detection within the entire net work and has good portability. The consumption of the network and servers' resources is not high, which means the possibility of network bottleneck is decreased. In this paper, we construct the infrastructure and theoretical model of MADIDS, and the deficiencies of MADIDS and future research work are also indicated.
出处
《计算机科学》
CSCD
北大核心
2006年第4期103-105,110,共4页
Computer Science
基金
信息产业部电子信息产业发展基金