| With the development of the technology of the computer and network technology, the network security question becomes more and more important. The traditional security technology, Encryption, fire wall technology, etc., be unable to meet network security's demands, so Intrusion detection technique emerge as the times require. Intrusion detection technique can carry on dynamic and real-time detecting, and have responding function. Intrusion detection system is an important component of the P2DR (Policy Protection Detection Response, abbreviated as P2DR), which is a dynamic safe model. So to further investigate the Intrusion detection technique is very important and have actual meanings.With computer scientific development, Agent becomes increasingly important in artificial intelligence and computer. Agent can imitate the human behavior, and have human characteristic, such as autonomy, sociality, adaptability, intelligent. The application of Agent involves each field of the life of human society. The researchers of academia and industrial pay attention to theoretical research and application of Agent system.This paper researches the Intrusion detection technique and Agent technology, and gives and designs a distributed and delaminated intrusion detection system model based on multi-agent. The main work include:1 .Seeing the important function of the intrusion detection technique for the network security, this paper research the intrusion detection system (IDS) and analyze the virtue and disadvantage of the misuse detection or anomaly-based. Have deeply probed into the application of multi-Agent technology.2. This paper provides a delaminated detection system model based on multi-agent, and applies the data pre-dispose technology and data integration technology in the system. In the system, apply the Intrusion detection technique of the based on unusual behavior and signature-based, and adopt the way of host and network configuration cooperating each other.3. Adopt the distributed system structure in the system model design, and delaminate to detect. Design Agent of controlling type as center and gateway, host compeering, detection, tactics, four types Agent of taking charge of different task, make up of multi-Agent system, each Agent adopt a different intrusion detection method and data source, and not between Agent each other in coordination with, not each other serve. So the system can carry on overall detecting to the behavior of intruding, protect the security of the computer network effectively.4. The function of all kinds of Agents carries on detailed description in this paper; provide a realization instance of detecting Agent finally.5. Communication question in any distributed system need to consider emphatically, so this paper make further discussion the agent's communication too, select pipe (pipe) as communication way inside Agent and Socket ascommunication way between Agent finally.The main innovation of this paper is providing a system model based on multi-Agent, and applies the data pre-dispose technology and data integration technology in the intrusion detection system. Designing many kinds of Agents to the task, they adopt the distributed structure in the network and thedelaminated detection. |
PDF Full Text Request