A Multi-Agent Based Rapid Intrusion Response System |
| |
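Cite this article: | Zhou Shijie, Qin Zhiguang, Zhang Feng, Zhang Xianfeng, Liu Jinde. A Multi-Agent Based Rapid Intrusion Response System[J]. Journal of University of Electronic Science and Technology of China (Natural Science Edition), 2004, 33(4): 419-422. |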
| |
Authors: | Zhou Shijie, Qin Zhiguang, Zhang Feng, Zhang Xianfeng, Liu Jinde |
| |
Affiliation: | 1. School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu 610054 |
| |
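Funding: | Project funded by the Science and Technology Department of Sichuan Province; National High Technology Research and Development Program of China (863 Program) |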
| |
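Abstract: | Starting from an analysis of the current state of information security, a multi-agent based rapid intrusion response system, CI2D&R, is designed. Together with the system's network deployment design, the main functions of its two major parts, the security spy and the security guard, are introduced. A layered architecture for the system is proposed, and the system's main components and their functions are analyzed. The data flows and interface design of the system, and the method for ensuring that agents run reliably, are also discussed. |
Keywords: | intrusion detection and response; multi-agent system; rapid response; information security |
Received: | 2003-01-02 |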
A Multi-Agents Based Effective Response System for Intrusion |
| |
Affiliation: | 1. School of Computer Science and Engineering, UEST of China, Chengdu 610054 |
| |
Abstract: | A flexible intrusion detection and response (ID&R) system needs to maximize security while minimizing cost and responding automatically. This paper proposes a multi-agent based response system, CI2D&R, the cost-based intelligent intrusion detection and response system, which was originally developed as a facility to deal with network-based attacks and to respond effectively, automatically and intelligently. The networking environment in which CI2D&R is deployed consists of two major parts: Guard, which runs on the specific guarded host (GH), and Spy, which runs in the guarded network (GN). The components of CI2D&R are introduced; they include intrusion detection, attack classification, damage analysis, attack path rebuilding, automatic resource safeguarding, disaster recovery, and security management. The several kinds of data flow in CI2D&R are also discussed. Although CI2D&R is only a prototype, some special safety considerations for agents are also addressed. |
| |