| Intrusion detection can monitor and analyze the behavior of users and system, audit the system configuration and holes, assess the integrality of data and sensitive system, recognize attack action, stat and audit the abnormal behavior, collect the patch related with system automatically, and record the hacker's action uses honey pot. Intrusion detection helps system administrator monitor, audit and assess the system state easily and available.As an active secure protection technology, Intrusion detection protects the system from internal attack, external attack and misuses. Intrusion detection responses the intrusion before the system be harmed. A multi-layer, in-depth defense system is set up by intrusion detection system. This thesis study some issues on set up an distributed intrusion detection system based on mobile agent technology.Firstly, network security model and the principles of intrusion detection system are discussed. Based on the above analysis, a multi-layer distributed intrusion detection architecture based on mobile agent is proposed, and the properties of the architecture are discussed.Secondly, object-oriented technique is adopted when we design and implement the system prototype. We present corresponding security strategy and mechanism for emerging attacks against IDS and threats to the system related to mobile agent.Finally, this thesis discusses the trend of IDS, and introduces thinking of tolerance intrusion. To set up a multi-layer, in-depth defense system, an integration of traditional network security and IDS is needed.
|
PDF Full Text Request