
Design and implementation of distributed intrusion detection system based on management agent

Cited by: 1
Abstract: This work combines a network management system with an intrusion detection system (IDS) to establish the architecture of a distributed intrusion detection system based on management agents. The autonomy and cooperativity of management agents and the message communication mechanism among them are studied, the functional structure of the management agent is established, and a scheduling-agent algorithm based on a genetic algorithm is designed. Management objects related to intrusion detection in the management information base (MIB) are analyzed at each network layer to build a detection rule base. A distributed, multi-level, structured intrusion detection system with self-security is developed, so that management agents monitor both the network and hosts. The results show that, based on the essential characteristics of attacks, deriving detection rules from the statistical data in the MIB effectively detects covert and complex attacks.

Source: Journal of Central South University: Science and Technology (《中南大学学报(自然科学版)》); indexed in EI, CAS, CSCD, PKU Core; 2007, No. 6, pp. 1174-1178 (5 pages)

Funding: National Natural Science Foundation of China (60173041); Natural Science Foundation of Hunan Province (05JJ30119)

Keywords: intrusion detection system; network management; management agent; genetic algorithm