| The development of computer network technology bring convenience to people, but at the meantime there are some insecure factors from them. Traditional security technology such as firewall, encryption, Identity certification doesn' t satisfy the need of modern network security, so the technology is proposed which is dynamic and real-time processing, and has response function.An intrusion detection model based on mobile agent is proposed by analyzing and researching currently distributed Intrusion Detection Model. The model is composed of data collector, intrusion agent, alarm agent, response agent, monitor agent, agent server and database. In this model, mobile agents are used to assurance security of intrusion detection system itself. Dynamic adding, deleting and modifying agents not only may strengthen dynamic configuration management and scalable property of intrusion detection system, but also may lessen reliability requirement and bandwidth consumption for network.Misuse detection technology is used to implement intrusion detection system based on network. Pattern match is used in misuse detection. Misuse detection technology first is to analyze known attack, pick up characters of attacks, and detect whether the network packet appears in the intrusion rule set to determine whether intrusion has happened. In pattern matching method , protocol analysis is introduced in order to availably improve Intrusion Detection System (IDS) dependability , and improve the structure of Snort rule base and improve upon algorithm and . It can greatly cut down pattern matching the amount of calculation and improve accuracy and reduce the rate of positive error.
|
PDF Full Text Request