Traditional Intrusion Detection System (IDS) based on hosts or networks no longer meets the security requirements in today's network environment due to the increasing complexity and distributivity. A multi-agent di...Traditional Intrusion Detection System (IDS) based on hosts or networks no longer meets the security requirements in today's network environment due to the increasing complexity and distributivity. A multi-agent distributed IDS model, enhanced with a method of computing its statistical values of performance is presented. This model can accomplish not only distributed information collection, but also distributed intrusion detection and real-time reaction. Owing to prompt reaction and openness, it can detect intrusion behavior of both known and unknown sources. According to preliminary tests, the accuracy ratio of intrusion detection is higher than 92% on the average.展开更多
There are two key issues in distributed intrusion detection system,that is,maintaining load balance of system and protecting data integrity.To address these issues,this paper proposes a new distributed intrusion detec...There are two key issues in distributed intrusion detection system,that is,maintaining load balance of system and protecting data integrity.To address these issues,this paper proposes a new distributed intrusion detection model for big data based on nondestructive partitioning and balanced allocation.A data allocation strategy based on capacity and workload is introduced to achieve local load balance,and a dynamic load adjustment strategy is adopted to maintain global load balance of cluster.Moreover,data integrity is protected by using session reassemble and session partitioning.The simulation results show that the new model enjoys favorable advantages such as good load balance,higher detection rate and detection efficiency.展开更多
基金Supported by the Key Program of Natural Science Foundation of China(050335020)
文摘Traditional Intrusion Detection System (IDS) based on hosts or networks no longer meets the security requirements in today's network environment due to the increasing complexity and distributivity. A multi-agent distributed IDS model, enhanced with a method of computing its statistical values of performance is presented. This model can accomplish not only distributed information collection, but also distributed intrusion detection and real-time reaction. Owing to prompt reaction and openness, it can detect intrusion behavior of both known and unknown sources. According to preliminary tests, the accuracy ratio of intrusion detection is higher than 92% on the average.
文摘There are two key issues in distributed intrusion detection system,that is,maintaining load balance of system and protecting data integrity.To address these issues,this paper proposes a new distributed intrusion detection model for big data based on nondestructive partitioning and balanced allocation.A data allocation strategy based on capacity and workload is introduced to achieve local load balance,and a dynamic load adjustment strategy is adopted to maintain global load balance of cluster.Moreover,data integrity is protected by using session reassemble and session partitioning.The simulation results show that the new model enjoys favorable advantages such as good load balance,higher detection rate and detection efficiency.
