论文部分内容阅读
由于 TCP/IP协议的开放性,目前的网络极易受到攻击。网络入侵行为,特别是分布式入侵行为,给网络的正常运行造成了巨大的危害,阻碍了网络经济的迅速发展。为了能有效地检测和跟踪入侵行为,这里提出了一个基于智能代理的入侵检测系统的体系结构和分布跟踪算法。该系统是一个分布式实时入侵检测系统,它由智能的主机代理、网络代理和路由器/网关代理组咸。每个智能代理都是独立的实体,拥有解决问题的不完全的信息或能力,通过协同工作并使用分布跟踪算法,实时检测网络入侵行为,跟踪网络入侵者,有效地维护网络安全。
Due to the openness of the TCP / IP protocol, the current network is extremely vulnerable. Network intrusion, especially distributed intrusion, has caused great harm to the normal operation of the network and hindered the rapid development of network economy. In order to effectively detect and track intrusions, an architecture and distribution tracking algorithm for intrusion detection system based on intelligent agent is proposed here. The system is a distributed real-time intrusion detection system, which consists of intelligent host agents, network agents and routers / gateway agents. Each intelligent agent is an independent entity with incomplete information or ability to solve the problem. Through collaborative work and using the distributed tracking algorithm, real-time detection of network intrusion and tracking of network invaders effectively maintain network security.