Intrusion And Manager System-An Application Based On Cooperative Intrusion Detection

With the development of the network and attack technique, the traditional technique of intrusion detection has not been sufficient for requirement when it faced all kinds of large-scale and systematical distributed attacks in the condition of sweeping network and flux. The shortcoming emerged such as false negatives, false positives and lack of intelligentized response, embodiment is as follows:1. lacking security of self;2. lacking ability of detection for a new attack;3. lacking ability of between person and machine each other;4. lack of intelligentized response;5. the problem about false negatives and false positives.For settling these of the traditional technique of intrusion detection, the article introduce a model of CIDS(Cooperative Intrusion Detection System) and a commercial application based on it-IMS(Intrusion and Manager System).It can manage security events availably while deal and respond in time because it bases the new generation technique of IDS and use general flux detection to find abnormity while linking geography information to go to the attack events, applying relevancy between attack and leak, then it can give venture analysis between intrusion menace and frangibility of asset. In the material realization, the different function relative to opposite module. Different parts can work all alone and cooperatively, and they can be managed on the same system.Through all modules gather and analyze data cooperatively, the problem of false negatives can be solved ultimately; In the condition of 1000M flux, through data processing adopt side-by-side and more thread groups, the problem of false positives can be solved ultimately; On the basis of those, the problem of intelligentized response can be solved through responding together to interdict reasonable; At last the problem of lacking ability of between person and machineeach other can be solved through all parts can be managed on the same system by graphical interfaces. It incarnates detection,recovery, harmony, manage and so on, which incarnates videotext, controllable and administrable through art conformity.The article expatiate on a tide for application-IMS, which based on the technique of CIDS. Through analyzing the IMS, we summarize some problems based on the technique of CIDS for application and put forward the relevant resolvents for discussing.