| Intrusion detection is a very important field in network security with high-speed development. It's one of the kernel technology of network security. It not only can detect the outside intrusion action but also can find out the unauthorized activity inside the network. It protects internal network together with firewall and anti-virus tools.In the past twenty five years, intrusion detection developed fast, from host-based intrusion detection system, to network-based intrusion detection system, and to hybrid distributed intrusion detection system. One problem is that the detection technology of the traditional IDS has lots of limitation. In the face of more and more rampant network intrusion, the ability of IDS isn't equal to its ambition. In this paper, the main work is to design a simple IDS antetype based on mobile agent through making use of JDK1.3.1,ObjectSpace and Voyager ORB for exploitation. At the same time, I had experimentalized to validate this antetype.Paper introduces the model of IDS and its related technologies. Then,designs a simple IDS based on the technology of mobile Agent,and realizes its basic function with Java language based on Voyager ORB. The model of IDS is made up of a management module, a data collection module, a data analysis module and MAE , data collection module is the core of the IDS,it is finished by Agent. At the process of designing about Agent,adopts SFT and CPN two modules.Firstly, The system intrusion is turnen into SFT description. Then, SFT description is turned into CPN model. An intrusion detection is corresponded to a CPN model,each pact of this CPN model corresponds to the mobile agent and immobile agent,and Agent is designed on the operational principle of the CPN. At the process of realizing this system,data collection is finished by Snort,data analysis is finished by Agent abstract class, Agent realizable class is used to finishing specific intrusion detection. At last,we have a brief test about our IDS,the result is satisfied. |
PDF Full Text Request