Distributed Intrusion Detection System Based On Mobile Agent Technology And Research

In the past decade, with the network attacks having become more common and sophisticated, more and more security technologies are developed. Among these technologies, intrusion detection technology is one of the focuses, it can detect the attacks from both outside and inside of network, and it should be an important part of the perfect security architecture. The research of intrusion detection has grown considerably nowadays, and there are a large number of intrusion detection systems have been developed to address different needs. However, the traditional intrusion detection systems(IDSs) have some shortcomings in certain aspects, such as flexibility, interoperability etc. Therefore, people begin to seek for new technologies.The development of mobile Agent technology presents a new approach for the research of IDS. This papers is an initial exploration into the relatively unexplored terrain of using Mobile Agents(MAs) for IDSs, and a distributed intrusion detection system basedon mobile Agents------MAIDS is brought out, which makes the system have tasks areimplemented by two type of detection MAs, which makes the system have certain flexibility, interoperability and intelligence as well as good performance.After providing the background knowledge of intrusion detection system and mobile Agent, we introduce the design of the system architecture firstly, and then begin to expound the design and implementation of MAIDS in detail.As to MAIDS, we discuss it as following order. Firstly, we introduce the whole structure of it, which mainly includes four parts: the part of Management, the part of detection, the part of analysis and the part of response. Secondly, each module of MAIDS is discussed, including the structure, the function and the implementation. At last, we focus on the difficult part of this system, then we introduce the methods of solving these problems.At the end of this dissertation, we summarize the advantage and disadvantages of this system, and discuss the future research directions of MAIDS.