| 基于免疫原理的入侵检测技术研究 |
| |
| 引用本文: | 李建飞 吴国新. 基于免疫原理的入侵检测技术研究[J]. 微机发展, 2005, 15(1): 131-134 |
| |
| 作者姓名: | 李建飞 吴国新 |
| |
| 作者单位: | 东南大学计算机网络和信息集成教育部重点实验室,东南大学计算机网络和信息集成教育部重点实验室 江苏南京210096,江苏南京210096 |
| |
| 摘 要: | 文中在深入分析免疫原理的基础上,提出了一个分层检测的分布式入侵检测系统模型。模型采用提取检测规则库中的规则生成自动匹配的四层检测规则集,经反向筛选后分别注入对应检测层的移动检测代理(MDA),MDA迁移到各检测代理子结点处协同完成入侵检测和响应,实现免疫特性。具有这样免疫特性的多代理能对大流量的分布式网络进行分层检测和响应,能在局部和全局的不同层次上检测入侵攻击,具有较好的自适应性、可扩展性和智能性。
|
| 关 键 词: | 入侵检测 移动检测代理 免疫 |
| 文章编号: | 1005-3751(2005)01-0131-04 |
| 修稿时间: | 2004-05-18 |
Research on Intrusion Detection Technology Based on Theory of Immunity |
| |
| LI Jian-fei,WU Guo-xin ion Integration Southeast University,Nanjing ,China). Research on Intrusion Detection Technology Based on Theory of Immunity[J]. Microcomputer Development, 2005, 15(1): 131-134 |
| |
| Authors: | LI Jian-fei WU Guo-xin ion Integration Southeast University Nanjing China) |
| |
| Affiliation: | LI Jian-fei,WU Guo-xin ion Integration Southeast University,Nanjing 210096,China) |
| |
| Abstract: | A kind of delamination-detection and distributed IDS model based on complete analyzing the immunity theory is put forward.The model has the characters of real-time,self-adaptability,expansibility,intelligence because the model can realize immunity by creating the auto-matching detection rule collection by adopting four layers divided from the detection rule database.After these detection rule collections are reverse-filtered they are separately injected the mobile detection agent(MDA) which has corresponding detection rule collection.Then these MDAs corporately execute intrusion detection and response.Having the immunity,the multi-agents can carry out delamination-detecting and response to the great-flux and distributed network,and can dectect the intrusion and attack in local and whole network. |
| |
| Keywords: | intrusion detection MDA immunity |
| 本文献已被 CNKI 维普 等数据库收录! |
