| With the rapid development of the computer and network technology, computer security is increasingly more important. The intrusion detection is an essential component of the security infrastructure Protection mechanisms. But in the face of rapid changed, updated network environment and various new attack methods, to some extent, the traditional IDS are limited in the effectively and extensibility and adaptability.The development of mobile agent technology presents a new approach for the research of IDS. This paper is an initial exploration into the relatively unexplored terrain of using Mobile Agent for IDS, and a distributed intrusion detection system based onmobile agents——MIDS is brought out, which combines the techniques of host-basedIDS and network-based IDS. In MIDS, the detection tasks are implemented by two type of detection MAs, which makes the system have certain flexibility, interoperability and intelligence as well as good performance.After providing the background knowledge of intrusion detection system and mobile agent, this dissertation introduce the design of the system architecture, and then begin to expound the design and composition of MIDS in detail. Firstly, it introduce the whole structure of MIDS, which mainly includes two parts: Control Server and Detected Host. Secondly, each module of MIDS is discussed, including the structure, the function, the security policy, the mechanism of update and maintains, and so on. At last, there are two experiments to confirm the feasibility of MIDS. |
PDF Full Text Request