
Multi-Agent-Based Rapid Intrusion Response System (cited by: 4)

A Multi-Agents Based Effective Response System for Intrusion
Abstract: Starting from an analysis of the current state of information security, this paper designs CI2D&R, a multi-agent-based rapid intrusion response system. In connection with the system's network deployment design, it introduces the main functions of the system's two principal components, the security Spy and the security Guard, proposes a layered architecture for the system, analyzes the system's main components and their corresponding functions, and discusses the system's data flow and interface design and the method used to keep agents running reliably.

Flexible intrusion detection and response system (ID&R) needs to maximize security while minimizing cost and making response automatically. A multi-agents based response system, CI2D&R, the cost-based intelligent intrusion detection and response system, is proposed in this paper, which is originally developed as a facility to deal with network-based attacks and to take effective response automatically and intelligently. The networking environment deployed with the CI2D&R consists of two major parts: Guard, which runs on the specific guarded host (GH), and Spy, which runs in guarded network (GN). The components of the CI2D&R are introduced, which include intrusion detection, attack classification, damage analysis, attack path rebuilding, resources automatically safeguarding, disaster recovery, and security management. The several kinds of data flow in CI2D&R are discussed, too. While CI2D&R is only a prototype, some special safety considerations of agents are also addressed.
Source: Journal of University of Electronic Science and Technology of China (indexed in EI, CAS, CSCD, Peking University Core), 2004, No. 4, pp. 419-422 (4 pages)

Funding: Sichuan Provincial Department of Science and Technology project (01GG0712); National 863 Program funded project (2002AA142040)

Keywords: intrusion detection and response; multi-agent system; effective response; information security

