| Nowadays, with the development of computer science and technology, computer and network are used everywhere. Some organizations and departments have suffered the destruction in various degree in their data kept while benefiting from them. To these intrusions, studying high-efficient network security protection and detection technique and developing a practical detection system have great research practice commercial meaning. This paper has put forward some opinions on the basis of studying many well-known intrusion detection systems (IDS).Firstly, the paper designs a systematic model of an agent-based intrusion-tolerant distributed coordination intrusion detection system combining agent technique based on analyzing the characteristic of a lot of kinds of distributed intrusion detection system (DIDS). We talk about the framework of this system, and the structure and operational principle of all kinds of agent in this system. According to the complicated detection procedure to some intrusion, the workflow and operational principle of the system are described in details. Furthermore, the advantages of the system are generalized at last.Secondly, the paper discusses one of the key problems, which is coordination and communication among agents. The coordination is studied among agents, and the communication content is summarized according to it, and a set of feasible protocol are designed which are lying on the application layer. Otherwise, the communication model is developed which is on basis of remote procedure call (RPC).Finally, another important problem is also studied that is the self-security of IDS. This paper talk about the faults belonged to thissystem, and such measures are adopted as packet-filtering, situation-monitoring, secure communication and so on during designing the system in order to overcoming these weakness and guaranteeing its self-security. All these measures make it possible having the ability of intrusion-tolerant.
|
PDF Full Text Request