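Wang Jin, Li Dequan, Feng Dengguo

  1. (State Key Laboratory of Information Security, Institute of Software, Chinese Academy of Sciences, Beijing 100080) (Graduate University, Chinese Academy of Sciences, Beijing 100039)
  • Publication date: 2006-01-15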

An Automatically Optimized Distributed Intrusion Detection System Using Mobile Agent

Wang Jin, Li Dequan, and Feng Dengguo   

  1. (State Key Laboratory of Information Security, Institute of Software, Chinese Academy of Sciences, Beijing 100080) (Graduate University, Chinese Academy of Sciences, Beijing 100039)
  • Online: 2006-01-15

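Abstract: With the rapid development of network technology, network intrusion detection systems must process large volumes of data. Insufficient processing capacity leads to missed or false reports of intrusion events, so improving the processing capacity of intrusion detection systems is a key problem that urgently needs solving. AODIDS is a distributed network intrusion detection system that can optimize itself automatically; it consists of a mobile agent acting as the optimization component, multiple analysis nodes, and detection nodes. The optimization component of AODIDS evaluates the performance of the system, formulates corresponding optimization strategies, and distributes network traffic in a balanced way while maintaining the specified detection accuracy, so that the processing capacity of the whole system is used as fully as possible.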

Keywords: distributed intrusion detection system, mobile agent, optimization

Abstract: Traditional distributed network intrusion detection systems have many limitations because of the technical difficulty of keeping pace with increasing network speed and the complexity of communication between applications. AODIDS is proposed, a system that optimizes itself by means of a mobile agent named Improver Agent. The Improver Agent roves and evaluates the performance of an Analyzer Agent. According to the evaluation, the Improver Agent makes an optimization plan to make the most of the capacity of the system.

Key words: distributed intrusion detection system, mobile agent, optimization