摘要
该文借鉴群居昆虫的“群集智能”特性,提出了1种结构简单、资源消耗小。但能检测复杂入侵行为的分布式入侵检测系统模型。该模型将一整体入侵检测系统分解为若干功能独立、单一的检测单元,各检测单元有相对较小的检测数据源,可同时提高检测效果和效率,且通过相互间的信息交流与共享,可实现协作检测。每个检测单元的信息提供与信息利用是该模型的核心,而相应的信息存取效率是影响该模型性能的关键,该文提出了基于因特网开放最短路由协议OSPF的优化方案。实验结果表明所提出的模型具有有效性。
This article uses the "swarm intelligence" characteristics of infesting and presents a model for distributed intrusion detection system, which is simple insects for reference in structure and low in resource consumption but can detect complex intrusion behaviors. The entity intrusion detection system of the model is separated into numbers of detection units that are independent and unitary in function but can cooperate with each other. The core idea of the model, or the realization of the swarm intelligence of the model, is that each detection unit offers information to the detection system and utilizes information from the detection system. The key technology of the model is to make every distributed detection unit accessible to the shared database efficiently. An optimization plan based on internet routing protocol OSPF (Open Shortest Path First ) is provided. The experimental result shows the validity of presented model.
出处
《南京理工大学学报》
EI
CAS
CSCD
北大核心
2006年第5期587-591,共5页
Journal of Nanjing University of Science and Technology
基金
国家"863"项目(2004AA411020)江苏省教育厅自然科学资金(KJD520068)
关键词
入侵检测
群集智能
网络安全
intrusion detection
swarm intelligence
network security