Collaborative Intrusion Detection Based on Coordination Agent
Based on the analysis of characteristics of current attacks, a collaborative intrusion detection model using coordination agent is proposed. Then this paper defines the inner structure of intrusion detection agents,introduces its collaboration principle and security solution.On the basis of the above research, an effective algorithm of collaborative detection is put forward. In this model, the complicated collaboration task is finished by some separate coordination agents, which are responsible for synthetically analyzing the detection task that the lower agents are unable to finish and are able to assign the task to the lower associated agents. It not only simplifies the building of detection agents and improves the extent and efficiency of collaboration, thus overcoming the shortcomings of direct collaboration among agents in traditional methods, but also enhances the capability of detecting complex attacks. At the same time, an example shows the feasibility and validity of the model and the algorithm.
Intrusion Intrusion detection Coordination agent Collaborative detection
Ran Zhang Depei Qian Heng Chen Weiguo Wu
Department of Computer Science and Technology, Xian Jiaotong University, Xian 710049 State Key Laboratory on Software Development Environment, Beihang University, Beijing 100083
国际会议
成都
英文
175-179
2003-08-27(万方平台首次上网日期,不代表论文的发表时间)