摘要
针对传统防火墙存在的不能防内部攻击、单一失效点等问题 ,提出了一种自适应的分布式微防火墙体系结构 .在该体系结构中 ,基于包过滤的微防火墙运行在受保护实体上 ,并与微入侵检测系统一起提供双重细粒度的安全保护 ;分布式微入侵检测系统提供层次响应和自适应功能 ;移动代理系统实现了安全策略的动态更新 ,并提高了整个系统的可扩展性 .
This article addressed the security problems and presented a Self adaptive Distributed Micro Firewall architecture. In the architecture, micro firewalls based on packet filtering function at the protected hosts to provide dual fine grain protection with Micro IDS. Mobile agent system implements dynamic security policy reconfiguration and enhances the scalability. Distributed Micro IDS performs hierarchical response to intrusion events and supports dynamic security capabilities and provides fast response to attacks from all possible sources. Combined with mobile agents, micro IDS can repel distributed attacks fast and adaptively in the protected network. Our architecture is scalable, topology independent, and intrusion tolerant.
出处
《华中科技大学学报(自然科学版)》
EI
CAS
CSCD
北大核心
2002年第11期7-9,共3页
Journal of Huazhong University of Science and Technology(Natural Science Edition)
基金
湖北省自然科学基金资助项目 (2 0 0 1ABA0 0 1)
