
The Study Of Distributed Intrusion Detection System Model

Posted on: 2005-02-20
Degree: Master
Type: Thesis
Country: China
Candidate: P P Liu
Full Text: PDF
GTID: 2168360125450470
Subject: Computer software and theory
Abstract/Summary:
The development of the Internet offers great convenience for the efficient sharing of global resources and information, but it also severely challenges information security. Information security has become a crucial problem for information systems. The traditional subject-based information security model cannot adapt to the development of network technology, and the P2DR model has emerged in response. Intrusion detection technology is an important component of the P2DR model. As a proactive information protection measure, intrusion detection complements traditional security technologies such as firewalls and data encryption. It identifies malicious use of computer and network resources and provides important information for countering intrusions. It not only detects intrusions from outside but can also monitor unauthorized activities of inside users, making up for the limitations of traditional defensive security technology. By forming a dynamic security cycle, it can maximize the ability to ensure security and reduce the risk from security threats.
With the development of computer and network technology and the wide adoption of distributed computing environments, the traditional centralized intrusion detection system can no longer meet security needs. The development of hacker techniques, especially the emergence of distributed denial-of-service attacks, has made distributed intrusion detection the focus of intrusion detection and even of the whole network security field.
This paper studies the crucial problems of distributed intrusion detection for large-scale networks.
In this paper, we first analyze the status of network security and current network security technology. After introducing information security models, we present the classic security model based on subjects accessing objects and the dynamic security model based on P2DR, and we explain the importance of intrusion detection systems for protecting information systems and computer networks. We then set out the work to be completed in this paper: studying a distributed intrusion detection system for large-scale networks. Next, we study the background of the concepts and development of intrusion and intrusion detection, and analyze the basic working principles and system modules of an intrusion detection system. We describe the state of research by presenting current research hotspots and commercial products that have been developed. We then introduce the system architectures and specific technologies used in distributed intrusion detection systems, both domestic and foreign, grouped into module-based and agent-based methods, including some experimental prototypes and some mature standards.
As for system model design, this paper puts forward a hierarchical, cooperative, hybrid distributed intrusion detection system model. The model divides the protected network into several security areas and is composed of sensor agents, monitor agents, and countermeasure agents. The functional division of the components draws on the CIDF model, and we strive to make the function of each module complete and independent. The model embodies the features of distributed intrusion detection through the distribution of data resources, the distribution of analysis, and cooperation among multiple areas.
In addition, the data fusion part of the monitor agent retrieves local abnormal events by analyzing the correlation of the events sent by sensor agents. After that, we set out the important problems in realizing the model.
Component message exchange is the focus of the implementation and the key point of distributed detection, and we study it in depth. Based on the requirements for the communication mechanism and message contents, and after analyzing research methods both domestic and foreign, we design the specific message contents and the message exchange flows for login, logout, processing simple attacks and processing complicated attacks during...
Keywords/Search Tags: Network Security, Distributed Intrusion Detection, Pattern Match, Component Message Exchange