| This dissertation is based on the project of the architecture of an agents-based distributed intrusion detection system(ABDIDS).With the research of the typical distributed intrusion detection systems(DIDS),we propose a framework model of new DIDS based on agents. The architecture of ABDIDS mentioned here has many remarkable differences with other DIDSs .On the one hand, it avoids the single-point failure through two kinds of fault-tolerance methods. On the other hand, it solves the problem that agents are difficult to be managed and controlled in the point-to-point distributed-IDS.Moreover, we introduce the whole framework and how its components cooperate in details.This model provides the interface for IDS based Network and IDS based Host, which is the foundation of the cooperation among different agents. Another benefit is the combination of anomaly intrusion detection and misuse intrusion detection, so the attack known or unknown can be detected.One of the highlights in the ABDIDS is the introduction of mobile agent (MA) which can inspect the status of every node and distribute configuration parameters. The mobile agent system applied by ABDIDS provides a platform for MA to migrate and communicate. Its execution layer is java virtual machine .By means of java's RMI, we accomplish MAs' migration. In order to protect MAs and hosts, we design adaptive security strategy. At last, we introduce the main interfaces and classes defined in the mobile agent system. |
PDF Full Text Request