| As the swift development of internet scale and application, the network security is becoming more and more important in people's life. As the attack ways have become various and complex and acquirement of attack tools is becoming easier and easier, the demands are getting lower with regard to attacking internet. At the same time, the escalating network security environment has made traditional firewall meet the challenge no longer. In this situation intrusion, detection technology has become the focus point of network security research.This paper analyzes and researches the current research status and development direction about intrusion detection system technology. Aiming at the current network security threats and research on distributed intrusion detection system both domestic and abroad, this paper designs a prototype of Agent-based Distributed Intrusion Detection System, which is called ADIDS. This prototype combines agent and distribute technology, and adopts the architecture of hierarchical. Through the detailed architecture and communication design of key agents such as intrusion detection agent, monitor agent, cooperation detection agent, this system can detect distributed intrusions by collaboration within the different type agents.At the same time, we design a recovery mechanism which can solve the single point failure issue caused by monitor agent, and make the system have the certain robustness. The anomaly detection function was implemented in the intrusion detection agent based on the BP neural network technology and snort plug in technology.Though optimizing the key parameters such as the training algorithm, the number of hidden layer neurons by experiment, the reliable experimental data and results show the intrusion detection module which calls BP_snort can play an active role in intrusion detection. |
PDF Full Text Request