| The application of Internet in persons' lives and business has been becoming more and more frequent and important,while it incurs nonlicet network intrusion. The purpose of (distributed)denial-of-service attack is to use up resources of some network or computer with ill-disposed purpose,and the attack method be prone to use,impact evidently and be invincible,so it becomes more and more popular. This attack measure usually brings network into paralysis,makes enterprises suffer from fateful loss. So establishing effectual recovery mechanism should be the first aim of enterprises.Now active recovery system against network intrusion often adopts firewall and intrusion detection system. This recovery system gain prominent effects,but it has momentous limitation,i.e. it has difficulties in defending denial-of-service attack. By analyzing current popular denial-of-service attack mode,we try to find methods that can make up the deficiency of current active intrusion detection system.In the process finding effective intrusion detection mechanism against denial-of-service attack,we have found that hierarchy distributed structure has single points of failure,and the victim computer is indiscoverable to discover the attack sources. For resolving this problem and remedy current IDS,we put forward an mobile agent-based Cooperative intrusion detection system model---MACIDS model.By studying,summarizing the knowledge of controlling network flow(filtering a large number of vicious packets),tracing the attack source and hiding intrusion detection agent component and so on,and colligating these theories and technologies,we conclude an mobile agent-based cooperative intrusion detection system model---MACIDS model. This model constructs a distributed intrusion detection system by "cooperation" in lots of network domain,hides intrusion detection agent component and recovers critical computer host by Fault-tolerant property of mobile agent,and resists distributed denial-of-service attack.By theories analyzing,we have proved this model has definite ability against distributed denial-of-service. In addition,we develop mobile agent programs that prove the model is feasible.
|
PDF Full Text Request