| The openness of Internet offers great convenience of information sharing and exchange, accompanied with crucial challenges to Information Security.With the development of the Internet, Not only the modes and the methods of intrusion are becoming more and more complicated,but also the scale of intrusion is expanding,security issues have evolved into the key problem of information systems. As a kind of active measure of information assurance,IDS can find the intrusion from the trace and pattern of their actions.It has been another line of defence behind the firewall.It acts as the effective complement to traditional protection techniques.The thesis firstly introduces the conception of the Network Security and current situation in network security techniques.Then it analyzes the defects of traditional network security techniques and discusses the IDS's classification. detection methods etc.The thesis secondly presents the Mobile Agent technology and P2P.Mobile Agent is a conception been put forward lately.It offers a new computing paradigm in the form of a software Agent.I t can suspend its execution on a host computer, can transfer itself to another Agent-based host on the network, and can resume execution on the new host.So that the mobile agent has the properties of such as mobility, flexibility, adaptability,operating in heterogeneous environme- nts,reusing code etc.The thesis analysis the existing kinds of distributed intrusion detection system,introduce the distribution level and make the classification of the systems.Based on previous research,the major research works and initiative points in this article are:Firstly,propose a hierarchical cooperation model of distributed intrusion detection system. The model synthesizes the merits of hierarchical model and the cooperation model.Secondly,propose a p2p structure model of mobile agent-based distributed intrusion detection system.The function and configuration of all function modules of the system is particularly discussed and implemented, We talk about the framework of this system, and the structure and operational principle of all kinds of agent in this system. According According to the complicated detection procedure to some intrusion,the workflow and operational principle of the system are described in details.Furthermore,the advantages of the system are generalized at last.Thirdly, analysis the security problem of the system because of the mobile agent,and design the solution to several kind of safe threats.Next, introduct the technology of the protocol analysis.It means when examin the data packet,wo can use the protocol analysis technology to distinguish the protocol type of the data,then use the corresponding data analysis procedure to examin the data packet.So the examination efficiency can improved.Finally, the K-R algorithm used for system data analysis module is parallelized design.And through the comparision the original algorithm and parallel algorithm,we can find that under the... |
PDF Full Text Request