Abstract
This paper analyzes the basic state of intrusion detection systems and the characteristics of mobile agents, points out the shortcomings of current intrusion detection systems, and proposes a distributed intrusion detection model based on mobile agents (MADIDS). MADIDS introduces mobile agent technology so that the intrusion detection system can be used across platforms. It combines network-based and host-based detection and configures multiple detection agents, each focused on one particular detection task. All configuration information is stored in a database. This achieves a separation of data from processing and the distribution of data collection, intrusion detection, and real-time response.
Source
Computer Knowledge and Technology (《电脑知识与技术》)
2009, Issue 7X, pp. 5925-5927 (3 pages)
Keywords
intrusion detection
mobile agent
distributed