• 主题
高级搜索  >
历史搜索 清空历史
首页> 外文期刊>Journal of Central South University of Technology >Design and implementation of self-protection agent for network-based intrusion detection system
【24h】

Design and implementation of self-protection agent for network-based intrusion detection system

机译:基于网络的入侵检测系统自保护代理的设计与实现

获取原文
获取原文并翻译 | 示例
           
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

Static secure techniques, such as firewall, hierarchy filtering, distributed disposing, layer management, autonomy agent, secure communication, were introduced in distributed intrusion detection. The self-protection agents were designed, which have the distributed architecture, cooperate with the agents in intrusion detection in a loose-coupled manner, protect the security of intrusion detection system, and respond to the intrusion actively. A prototype self-protection agent was implemented by using the packet filter in operation system kernel. The results show that all the hosts with the part of network-based intrusion detection system and the whole intrusion detection system are invisible from the outside and network scanning, and cannot apperceive the existence of network-based intrusion detection system. The communication between every part is secure. In the low layer, the packet streams are controlled to avoid the buffer leaks existing in some system service process and back-door programs, so as to prevent users from misusing and vicious attack like Trojan Horse effectively.
机译:在分布式入侵检测中引入了静态安全技术,例如防火墙,层次结构过滤,分布式处理,层管理,自治代理,安全通信。设计了具有分布式体系结构的自保护代理,以松耦合的方式与入侵检测中的代理协作,保护了入侵检测系统的安全性,并主动响应入侵。通过在操作系统内核中使用数据包筛选器实现了原型自我保护代理。结果表明,部分基于网络的入侵检测系统和整个入侵检测系统的主机在外部和网络扫描中都是不可见的,无法感知到基于网络的入侵检测系统的存在。各部分之间的通信是安全的。在低层,对数据包流进行控制,以避免某些系统服务进程和后门程序中存在的缓冲区泄漏,从而有效地防止用户滥用和特洛伊木马之类的恶意攻击。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号