Based On The Multi-agent Intrusion Detection System Technology Research

With more and more sites intruded by hackers,security experts have found that it is not enough to build a comprehensive security system only using defensive techniques. The intrusion detection is a new dynamic security technique in addition to traditional security protect techniques,such as firewall and data encryption. IDS watches the computer and network traffic for intrusive and suspicious activities,it detects not only the intrusion from the Internet hackers,but also from the intranet users.After analyzing the disadvantages of the traditional defensive network security architectures,our work and researches focus on the key implementation techniques of distributed intrusion detection system based on multi agents -MADIDS . The following contents are discussed in the thesis.1) After analyzing and comparing the existing IDS and ID techniques,this paper proposes a MADIDS model which integrates most existing security techniques in one architecture by applying the MAS(Multi Agents System) model of AI science.This model makes the distributed data-collecting .distributed data-processing .distributed response intelligent adaptive hiberarchy detection.2) In order to improve the detection efficiency of network intrusion detection,we design a hash-pattern-tree-based multi patterns match algorithm used in signature detection.3) In order to improve the expansibility and maintainability of ids,we describe and design a common attack signature database.4) We describe the implementation techniques of network funtion agent and communication agent of MADIDS model.5) We describe the design and implemention of an agent-based network intrusion detection prototype system .This prototype implements a network agent in linux platform which is compound of cooperative detection agent and communication agent ,and a remote agent console in windows 2000 platform.Our work has been applied in the tianyi angle commercial intrusion detection system which has formed its own selling market .Our work plays an important role in the expansibility and maintainability of tianyi angle system.