| 一种基于Agent技术的入侵检测系统模型 |
| |
| 引用本文: | 杜献峰,强赞霞. 一种基于Agent技术的入侵检测系统模型[J]. 微计算机信息, 2010, 0(3) |
| |
| 作者姓名: | 杜献峰 强赞霞 |
| |
| 作者单位: | 中原工学院计算机学院计算机科学与技术系; |
| |
| 基金项目: | 基金申请人:杜献峰;项目名称:多Agent在网络安全中的应用技术研究;颁发部门:河南省教育厅(2006520020) |
| |
| 摘 要: | 本文首先指出了将Agent技术应用于入侵检测系统的优势,依据入侵检测系统的特点给出了主机的状态转换图,并提出了一个入侵检测模型,该模型的主机中有数据异常检测Agent、特征提取Agent、数据一致性检测Agent、完整性检测Agent以及日志处理,Agent通过学习机制建立行为库,对行为库里的信息进行推理获得入侵规则信息并将其加入到入侵规则库.最后用Aglet技术对该模型进行了仿真和实现,得出基于Agent的入侵检测技术具有较高的检测率及较低的误报率。
|
| 关 键 词: | 移动Agent 入侵检测系统 Aglets |
A Framework of Intrusion Detection System Based on Agent Technology |
| |
| DU Xian-feng QIANG Zan-xia. A Framework of Intrusion Detection System Based on Agent Technology[J]. Control & Automation, 2010, 0(3) |
| |
| Authors: | DU Xian-feng QIANG Zan-xia |
| |
| Affiliation: | DU Xian-feng QIANG Zan-xia(School Of Computer Science,Zhongyuan Institute of Technology,Zhengzhou,Henan,450007,China) |
| |
| Abstract: | In this paper,we point out the advantages of using agent technology intrusion detection system at first. State transformation graph of host is shown then. An intrusion detection framework is designed. There are data anomalous agent,character extraction agent,data consistency agent,integrated agent and log process in host. Agents found action base through learning. Through reasoning to action base agent gets intrusion information and appends the information to intrusion rules base. Finally,simulation and imp... |
| |
| Keywords: | Mobil Agent Intrusion Detection System Aglets |
| 本文献已被 CNKI 等数据库收录! |
|
