A network intrusion detection system with the snooping agents

机译：具有侦探代理的网络入侵检测系统

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

In order to increase the protection ability of the network intrusion diction system (NIDS), it is important to gather the host information of the intruder. In the proposed IDS called NIDS-SA, three basic components are developed to support the active monitoring capability, Intrusion Detection Node (IDN), Intrusion Detection Coordinator (IDC), and Snooper Agent (SA). The IDN is used to capture packets, de-multiplex packets, detect local intrusion and infer intrusion. The IDC is installed in an administration workstation for communicating and managing IDNs, it can also do the intrusion detection and intrusion inferring. The RA consists of several snoop functions for information gathering. After an attack behavior is detected, the RA may launch some kinds of information gathering functions to the attacker, so that the proposed NIDS-SA has the active snoop ability. Furthermore, NIDS-SA includes the functions of the pattern matching and statistical inference. To ensure the secure communication ability between IDC and IDNs, the cryptography-based mechanisms are applied in the design phase of the proposed NIDS-SA. An intrusion detection experiment is carried out in our campus to simulate the real attack scenarios and validate the performance of NIDS-SA.

机译：为了提高网络入侵译码系统（NIDS）的保护能力，重要的是收集入侵者的主机信息。在称为NIDS-SA的拟议ID中，开发了三个基本组件以支持主动监控能力，入侵检测节点（IDN），入侵检测协调器（IDC）和Snooper代理（SA）。 IDN用于捕获分组，解复用分组，检测本地入侵和推断入侵。 IDC安装在管理工作站中以进行通信和管理IDN，也可以进行入侵检测和入侵推断。 RA由几个用于信息收集的Snoop函数组成。在检测到攻击行为后，RA可能会向攻击者发出某些类型的信息收集功能，以便提出的NIDS-SA具有主动窥探能力。此外，NIDS-SA包括模式匹配和统计推断的功能。为确保IDC和IDN之间的安全通信能力，基于加密的机制应用于所提出的NIDS-SA的设计阶段。在我们的校园内进行入侵检测实验，以模拟实际攻击方案并验证NIDS-SA的性能。

著录项

来源
《International Conference on Computer Application and System Modeling》|2010年||共5页
会议地点
作者
Bin Zeng; Lu Yao; ZhiChen Chen;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类 TP3-53;
关键词
Multi agent system; Network intrusion detection system; Pattern matching; Statistical analysis;

机译：多代理系统;网络入侵检测系统;模式匹配;统计分析;

相似文献

外文文献
中文文献
专利

1. Optimized Packet Filtering Honeypot with Snooping Agents in Intrusion Detection System for WLAN [J] . Gulshan Kumar, Rahul Saha, Mandeep Singh, International journal of information security and privacy . 2018,第1期

机译：WLAN入侵检测系统中具有侦探代理的优化包过滤蜜罐
2. A Distributed Self-Adaptive Intrusion Detection System for Mobile Ad-hoc Networks Using Tamper Evident Mobile Agents [J] . Deepa Krishnan Procedia Computer Science . 2015,第1期

机译：使用篡改明显移动代理的移动自组织网络分布式自适应入侵检测系统
3. A Distributed Self-Adaptive Intrusion Detection System for Mobile Ad-hoc Networks Using Tamper Evident Mobile Agents [J] . Deepa Krishnan Procedia Computer Science . 2015,第1期

机译：使用篡改明显移动代理的移动自组织网络分布式自适应入侵检测系统
4. A network intrusion detection system with the snooping agents [C] . Bin Zeng, Lu Yao, ZhiChen Chen 2010 International Conference on Computer Application and System Modeling . 2010

机译：具有侦听代理的网络入侵检测系统
5. Attack resistant mobile agents for intrusion detection systems. [D] . Humphries, Jeffrey Wayne. 2001

机译：入侵检测系统的抗攻击移动代理。
6. Hybrid Modified K-Means with C4.5 for Intrusion Detection Systems in Multiagent Systems [O] . Wathiq Laftah Al-Yaseen, Zulaiha Ali Othman, Mohd Zakree Ahmad Nazri 2015

机译：具有C4.5的混合修改K均值用于多主体系统中的入侵检测系统
7. A Distributed Self-Adaptive Intrusion Detection System for Mobile Ad-hoc Networks Using Tamper Evident Mobile Agents [O] . Krishnan Deepa 2015

机译：使用篡改明显的移动代理的移动自组织网络分布式自适应入侵检测系统

A network intrusion detection system with the snooping agents

摘要

著录项

相似文献

相关主题

期刊订阅