| 一种基于协同调度的入侵检测框架 |
| |
| 引用本文: | 黄亮,唐文忠.一种基于协同调度的入侵检测框架[J].计算机应用,2006,26(3):567-0568. |
| |
| 作者姓名: | 黄亮 唐文忠 |
| |
| 作者单位: | 北京航空航天大学,计算机学院,北京,100083 |
| |
| 摘 要: | 分析了现有入侵检测系统的不足,讨论了协作的必要性,介绍了一种多主体协同入侵检测框架。本框架采用分布检测和集中处理的结构、通用的警报格式和安全通信协议,由控制中心的调度引擎对协同请求、关联数据收集、警报和新规则的分发进行统一的调度管理。经过测试和应用,能够很好地实现多主体间的信息共享,完成协同检测。
|
| 关 键 词: | 入侵检测 协同调度机制 入侵检测消息交换格式 包装器 |
| 文章编号: | 1001-9081(2006)03-0567-02 |
| 收稿时间: | 2005-09-28 |
| 修稿时间: | 2005-09-282005-12-05 |
Intrusion detection system framework based on collaborative dispatch mechanism |
| |
| HUANG Liang,TANG Wen-zhong.Intrusion detection system framework based on collaborative dispatch mechanism[J].journal of Computer Applications,2006,26(3):567-0568. |
| |
| Authors: | HUANG Liang TANG Wen-zhong |
| |
| Abstract: | The shortages of current intrusion detection systems were analyzed, and the necessity of collaboration was discussed. A mutiagent collaborative intrusion detection framework was put forward. It adopted distributed detection and centralized analysis architecture, generic alert form and secure transfer protocol in this system, unified dispatch by coordinate engine to manage cooperative request, collect relative data and distribute alerts and new rules. This system can well implement information sharing among multiagents and achieve collaborative detection after test and application. |
| |
| Keywords: | intrusion detection collaborative dispatch mechanism IDMEF(Intrusion Detection Message Exchange Format) wrapper |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机应用》浏览原始摘要信息 |
|
点击此处可从《计算机应用》下载全文 |
