| With the development and the aboard application of network, network security is more serious. Thus intrusion tracing technology becomes a hot spot in the domain of current network and information security. Internet's skeleton and scale have caused difficulty for intrusion tracing. Usually intrusion traceback system has huge structure and low efficiency. In order to solve above problem, distributed architecture which uses mobile Agent technology and integrates several kinds of network security equipment will become developing direction of intrusion tracing technology.A network model for Ethernet attack tracing problems based on Aglet is constructed. According to this model, a system is designed and has been realized. A series of Aglet are designed to realize related functions in the system. Information collecting Agents get attack's address by analyzing attacking packets; later tracing Agents operated on the intermediate equipment finish the attacking path and get a next hop of attacking path; at last, tracing Agents confirm successfully after judging or continue tracking back. In addition, Analyzing Agents combined with ACID, has set up an analyzing and controlling window based on invasion database and Web. The system has offered a strong function of search. Users can inquire in invading database to analyze the attacker.The prototype of this system is realized by using Java as the programming language, and by setting IBM Aglet as the mobile Agent environment. Therefore, the system has a merit of strong security, good portability and high efficiency. With the development of ATP technology and the Java immediate translation technology, the system's performance will be further improved. |
PDF Full Text Request