The problem of computer security in the network has become very severity and ubiquity. Current conventional computer security techniques and personal response seem incapable of dealing with these threats. Intrusion detection systems have become an effective defense and detection method in the network system and offer techniques for modeling and recognizing normal and abusive system behavior. At the same time intrusion detection systems can monitor the transporting information in network to find proper attacks. Intrusion detection systems have developed from single monolithic system to distributed system based on agents. Intrusion detection systems base on mobile agent are just in lab. How to use the mobile agent to analyze and detect attack is a hot topic.After researching much of Intrusion detection systems technique today, this paper first introduces intrusion detection system and mobile agent technology; then gives the system design of distributed IDS based on mobile agent; at last provides the detailed design and implement of the IDS sub-system about user behavior. In this sub-system, system log as data source for analyzing user behavior, so as to complete detect intrusion.
|