
XML-based Message Exchange, A Distributed Intrusion Detection And Response Collaboration

Posted on: 2007-11-17
Degree: Master
Type: Thesis
Country: China
Candidate: C L Liu
Full Text: PDF
GTID: 2208360185471232
Subject: Computer software and theory
Abstract/Summary:
With the increasing flood of intrusions, it has been found that a security system constructed only from defence is not enough. Intrusion detection technology, which comes after such protection measures as "Firewall" and "Data encryption", is a new kind of safeguard technology that identifies and responds to malicious use of computer and network resources. It can not only detect external intrusion but also supervise unauthorized activities of internal users. A distributed intrusion detection and response cooperation model based on XML information exchange is presented, drawing on XML's data advantages and platform independence. A cooperation agent is designed, which is responsible for analyzing and summarizing the detection results of every intrusion detection agent. It can also combine alert messages from the cooperation agents of other domains to detect more complicated intrusions. First, the present situation of intrusion detection technology is analysed. Second, XML and its related technology are introduced, together with distributed technology and the related definitions and development of intrusion detection technology. The main advantages and disadvantages are also analysed. A distributed intrusion detection system model is presented in terms of system structure. The cooperation agent module is taken as an example, including the work flow of the cooperation agent module, the obtaining of detection data, the realization of cooperation functions, the transmission of alert messages, and the design and realization of the mode matching module, together with the realization of key technologies. The key technologies include conversation tracking, data collection, matching calculation, XML-based information handling, and encryption calculation. Lastly, the distributed intrusion detection system is compared to CIDF.
Keywords/Search Tags:intrusion detection system, network security, mode matching, cooperation agent