引用本文: | 吴作顺,窦文华,刘志峰.基于免疫学的多代理入侵检测系统.[J].国防科技大学学报,2002,24(4):42-47.[点击复制] |
WU Zuoshun,DOU Wenhua,LIU Zhifeng.Immunity-Based Multi-agent Intrusion Detection System[J].Journal of National University of Defense Technology,2002,24(4):42-47[点击复制] |
|
|
|
本文已被:浏览 6574次 下载 6392次 |
基于免疫学的多代理入侵检测系统 |
吴作顺, 窦文华, 刘志峰 |
(国防科技大学 计算机学院,湖南 长沙 410073)
|
摘要: |
在探讨免疫学基本原理的基础上,提出了基于免疫学的多代理系统,用于联网计算机的入侵检测与反应。在这个框架中,基于免疫学的安全代理在联网节点之间漫游,监视网络状态。这些代理相互识别对方的活动行为,以等级方式进行合作,并根据底层安全规则采取相应的行动。移动代理具有学习能力,能动态适应周围环境,检测出已知与未知的入侵。多代理检测系统同时在不同层次监视联网计算机的活动情况,包括用户级、系统级、进程级和数据包级。基于免疫学的多代理入侵检测系统是灵活的、可扩展的和可适应的,能够根据管理员的需要与参数配置实时监视网络。 |
关键词: 计算机免疫学 入侵检测系统 移动代理 多代理系统 |
DOI: |
投稿日期:2002-03-19 |
基金项目: |
|
Immunity-Based Multi-agent Intrusion Detection System |
WU Zuoshun, DOU Wenhua, LIU Zhifeng |
(College of Computer, National Univ. of Defense Technology, Changsha 410073, China)
|
Abstract: |
Based on investigating immunological principles, the paper presents a multi-agent system for intrusion detection and response in networked computers. The immunity-based agents roam around the nodes, and monitor the situation in the network. These agents can mutually recognize each other's activities, coordinate in a hierarchical fashion, and take appropriate actions according to the underlying security policies. Mobile agents can learn and adapt to the environment dynamically and can detect both known and unknown intrusions. The multi-agent detection system can simultaneously monitor networked computer's activities at different levels, including the user level, system level, process level and packet level. The immunity-based multi-agent intrusion detection system is designed to be flexible, extendible, and adaptable that it can perform real-time monitoring in accordance with the needs and preferences of administrators. |
Keywords: computer immunology intrusion detection system mobile agent multi-agent system |
|
|
|
|
|