摘要
为了解决入侵检测系统花费巨大及在单机上占用主机大量系统资源的问题,提出了一种新型的基于Honeypot和MobileAgent的入侵检测系统AH-IDS,并根据MobileAgent能够在网络中自由移动等特点重点分析了系统的工作流程、主要部分的架构组成和AH-IDS中监视器组件的设计。通过两个简单的例子说明AH-IDS可以通过分析入侵攻击的特性来实现对简单攻击的检测,并通过对AH-IDS的性能的分析说明了AH-IDS的检测性能与其它的IDS相比有了提高。
In order to resolve the high IDS costs and huge system resource requirements in a terminal computer, A honeypot and mobile agent-nased intrusion detection system (AH-IDS) is proposed. According to t he characteristic which the mobile agent can freely move in the network, the work flow of the system is analyzed, the majority components is proposed, the design of the monitor is presented. AH-IDS can detect the simple attack by analyzing the invasive characteristics from two simple examples, and the detecting capabilities of the AH-IDS are enhanced by analyzing the capabilities of the AH-IDS.
出处
《计算机工程与设计》
CSCD
北大核心
2006年第24期4786-4788,共3页
Computer Engineering and Design
