摘要
入侵检测是收集计算机系统、网络中的多关键点信息,通过对这些信息的分析,从中发现系统或网络中存在的被攻击迹象以及违反安全策略的行为。基于此,提出了一种基于Agent技术的DIDS系统结构模型,以有效地解决对入侵检测系统中网络流量不断增大而造成的数据包丢失问题。该系统可依据网络流量的大小动态调整系统中的检测Agent数量,既不过多消耗系统资源又从而分担了网络流量。
Intrusion detection is the technology to analyze the key points information collecting from the computer system and network,and discover the attacked evidence and the behavior that against the safe strategy in computer system and network. In this paper, an agent-based DIDS system structure model is provided to avoid the case of packets dropping in present network,which is caused by the increasing network throughput. According to the throughput of networks,the number of detection agents in this system can be dynamically adjusted; it does not only over-consume the system resources,and then share the network traffic.
出处
《山西电子技术》
2014年第2期85-86,共2页
Shanxi Electronic Technology
关键词
入侵检测
智能体
入侵检测系统
分布式
intrusion detection
agent
intrusion detection system
distributed