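Abstract
An intelligent intrusion detection system can discover and promptly block known or unknown misuse that intrudes into the systems we use every day. Such a system can learn autonomously and improve its own functions. In this model, active monitoring agents collect the data; mobile agents then deliver the collected data to the relevant sequence generator, which orders the events that occurred and passes them to the mining engine that performs evidence discovery. Once evidence is found, it is sent to the detection engine, and its similarity to the current rules is evaluated at the same time. A decision is then made, a step that is generally controlled by the decision engine. Finally, the whole database is maintained and instructions are distributed to each active monitoring agent.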
In order to find known or unknown abuse in time and stop it from intruding into the systems we use daily, this paper presents a new model of intrusion detection system that can learn independently and improve its function. In this model, moving monitoring agents collect data and transmit the data to the relevant sequence generator. After the events are sorted, they are passed to the explore engine, and when evidence is found, it is transmitted to the detection engine. At the same time, the similarities existing in the current rules are assessed for the decision. Usually, this step is controlled by the decision engine. Finally, the entire database is maintained and the orders are distributed to all moving monitoring agents.
Source
Journal of Taiyuan University (《太原大学学报》)
2014, Issue 1, pp. 132-135 (4 pages)
Keywords
information security
data mining
intelligent
intrusion detection system