摘要
针对现有的基于移动代理的入侵检测系统,自身安全性低、难以应对分布式入侵行为的缺陷。提出一种改进的模型,为每一个移动代理添加身份验证、完整性鉴定和加密机制,提高了入侵检测系统自身的安全性;在检测实体中加入监视Agent和响应Agent,通过多Agent技术来实现检测自治化和多主机间检测信息的协调,有效地检测了分布式的攻击行为。
Present mobile agent-based intrusion detection system has the defects of low secure itself and hard to cope with the distributed intrusions.In light of these,the paper presents an improved model,in it the ID authentication,integrity identification and encryption mechanism are appended onto every mobile agent,which raises the security of intrusion detection system itself;for testing entities,the monitoring agent and responding agent are inserted,with the use of multi-agent technology to achieve the autonomy of detection and the coordination of detecting information between multiple hosts,thus the distributed attacks are detected effectively.
出处
《计算机应用与软件》
CSCD
2010年第5期136-138,161,共4页
Computer Applications and Software
基金
黑龙江省科技厅基金项目(GC05A124)
