| With the fast development of computer network technology, the network has more and moreinfluence on social life, the network security question also becomes more and more important.There are many new ways to attack the security of the network, in recent years IDS as one kindof active information security defense technology has becomes a hot spot in network securityresearch.On the other hand, mobile agents technology as an emerging technology in the computerscience domain at present, its unique migratory and the autonomy have brought a hugeinnovation for the distributed computing, along with the IDS technology development and theapplication, the mobile agents technology also starts to be introduced in the research ofdistributed intrusion detection technology.In this paper, we introduce mobile agent technology and protocol analysis technology inIDS, and bring out a Distributed IDS Based on Mobile Agent and Protocol Analysis, whichcombines the Jpcap plug-in and mobile agent platform Aglet. In this system, the IDS module isimplemented by two types of detection methods, network IDS and host IDS, which make thesystem more flexible, interoperable and intelligent.Firstly, we analyze and summarize the technologies of IDS and mobile agent. With currentresearch, we introduce the paper and expound the design of the system Distributed IDS Based onMobile Agent (MADIDS) in detail. Secondly, we illuminate the feasibility of MADIDS by theimplementation of packet capture, protocol analysis, detection and the implementation of controlserver, communication. At the end of this paper, we summarize the advantages and disadvantagesof this system, and discuss the future research position of MADIDS. |
PDF Full Text Request