The Research On Distributed Intrusion Detection System Based On CORBA

The computer and Internet technology are changing the appearance of the human society; it is the question of information and online security with its one that followed. Invade technology more and more towards tantalization, complicates, melts, and distributed melting to develop with the direction of scale indirectly. Meanwhile invade the constant making progress too of the detection technique, a safe gate of end after it is considered to be the fire wall, it is an important component in the online security system. The development attacking of technology, the especially distributed appearance that attacked, make the limitation of traditional unit IDS more and more obvious, then produced and invaded the detection system distributed. The constructing differently of the network , distributing, the trends and open attribute demand to adopt a kind of new way to control and manage open resources, only constructed and built in and dealt with the invasion detection system on the environment distributed and could adapt to the development measured in existing and future invasion better. And CORBA (Common Object Request Broker Architecture) technology is introduced in order to realize distributed calculation.Therefore this text will invade the detection technique and CORBA technology to combine together, invade the detection system model based on CORBA technology and distributed after designing one. The research, design and realizing working mainly of the thesis including several following respects:1 Have analyses the current situation of the online security, has done the summary in invading the technology and development. And has discussed emphatically that invades the detection technique. Have probed into and invaded and measured the background built up, the problem to be solved distributed. Diligent to introduce the standardization which invades CIDF model and IDWG measured. Therefore the developing question is summarized in intrusion detection.2 Combine existing to invade detection system interaction bad , bad can stepplatform and to distributed to invade deficiency measured to attacking expansibility that exist, have probed into the characteristic of CORBA technology, the deep studying carrying on the feasibility that CORBA technology combines with invading the detection technique. It is included that the excellence of CORBA can make up the disadvantages in intrusion detection, and make them integrated have excellent practicality.3 Have designed the Distributed Intrusion Detection System Based CORBA (CDIDS). Have introduced the design philosophy of the model at first; and described each function module of CDIDS: Agent device, monitoring the centre and CORBA target to ask to act for ORB. The system model has strong function, particularly depiction, and describes the function of the CDIDS.4 Realize to CDIDS concretely some problems in the course have carried on research. CDIDS IDL, target of interface realize, communication and communication protocol HOP, distributed target of CDIDS of CDIDS transfer the mode. The formal work resolves some key questions in the implication of CDIDS; improve the whole function of the system.