摘要
针对传统分布式入侵检测系统的组件之间依赖程度大、智能化程度不高、系统自身结构固定且不能适应入侵的变化等问题的局限性,在对"软件人"的相关理论和智能特性研究基础上,提出一种基于群体"软件人"(Multi-SoftMan,MSM)的智能入侵检测系统(MSMIIDS).MSMIIDS采取无控制中心的分布式"软件人"体系结构,以自治"软件人"为组织单元,改进了传统分布式入侵检测系统由于高层节点单一无冗余而产生的可靠性差的缺陷,从构造上克服了分布式入侵检测系统的脆弱性.同时MSMIIDS系统中的各"软件人"组件可根据检测需要动态地调整自身状态,以达到动态适应检测任务的需要,从而解决了信任社区内与社区间的协同预警及防御问题,为实现网络系统安全提供了一种新方法.
Traditional distributed intrusion detection systems (DIDS) have many shortcomings, such as heavy interdependence of components, and weak flexibility, intelligentization and reliability of these systems. Through studying and analyzing the intelligence recognition characteristics of "SoftMan", MSMIIDS, which is an acronym for Multi-SoftMan-based intelligent intrusion detection system, is proposed to solve these problems. Compared with the traditional distributed intrusion detection systems, MSMIIDS is a more adaptive and efficient system. MSMIIDS enables member sites in the same trust community or different ones to forewarn attacks cooperatively, and possesses higher detection rate and better self-adaptability. MSMIIDS provides also a way for implementation of computer network system security.
出处
《小型微型计算机系统》
CSCD
北大核心
2009年第8期1630-1634,共5页
Journal of Chinese Computer Systems
基金
国家自然科学基金项目(60375038)资助
北京市自然科学基金项目(4072018)资助
内蒙古教育厅自然科学基金项目(NJZY07116)资助
内蒙古高等院校青年基金项目(BS2006012028)资助
关键词
软件人
入侵检测系统
代理
协作模型
人工智能
分布式
SoftMan
intrusion detection system
Agent
cooperation model
artificial intelligence
distributed
