摘要
针对当前入侵检测系统和入侵检测分析方法的弱点,提出了一个融合多检测技术的基于Multi-Agent的分布式入侵检测系统模型,采用了基于移动Agent的文件完整性检测技术。该模型实现了入侵检测的分布化,具有很好的扩充性,增强了入侵检测的准确率,提高了入侵检测系统的性能,能更好地满足大规模分布式网络环境的安全要求。
In view of the weakness of current intrusion detection system and intrusion analysis method, a distributed fusing multi detection technology intrusion detection system model based on multi-Agent is brought forward. Apart from traditional analysis technology, file integrity analysis method based on mobile agent is added to the analysis Agent too. The model realizes the distribution of intrusion detection, owns good scalability, improves the accuracy of intrusion detection, enhances the intrusion detection system's capability by using multi detection technology. So it can meet extensive security demand of the distributed network environment.
出处
《计算机工程与设计》
CSCD
北大核心
2008年第7期1633-1635,1646,共4页
Computer Engineering and Design
基金
国家863高技术研究发展计划基金项目(2002AA113160、2003AA1Z2290、2004AA1Z2130)
关键词
入侵检测
多代理
多检测技术
分布式入侵检测系统
文件完整性检测
intrusiondetection
multi-Agent
multi detection technology
distributed intrusion detection system
file integritydetection