An agent-based framework for distributed intrusion detections

Author: Dayong Ye

Abstract: Network application has become a part of our everyday life. With the increasing convenience and popularity network, more malicious users utilize network to obtain their vicious intentions. In order protect users’ information security privacy, various intrusion detection systems were proposed developed in last decade. Intrusion as an emerging technology made great achievements theory practice, whose aim is confidentiality, integrity or availability system resource. As complex system, development includes many aspects, such architecture design, design implementation components, test real cases, so on. Though have been presented, most them mainly focus on one two aspects systems. This thesis aims at providing rudimentary solution for agent-based Peer-to-Peer distributed framework. The major contributions this include following five aspects. 1. Introducing novel framework which involve different agents peers; 2. Designing functionalities each agent by using JACK/UML approach; 3. Representing knowledge about according employing ontology; 4. Developing efficient task allocation protocol used coordinate hosts collaboratively detect attacks; 5. Implementing testing reasonable manner utilizing environment, i.e. JACK . summary, integrates technology, architecture, ontology technique protocol. Implementation experiments
