UML-based analysis method for collaborative intrusion detection system
Qian Depei1, Zhang Ran2, Bai Yuebin1*
1. School of Computer Science and Technology, Beijing University of Aeronautics and Astronautics�� Beijing 100083, China;
2. Department of Computer Science and Technology, Xi'an Jiaotong University, Xi'an 710049, China
To enhance the capability of detecting distributed attacks, a general model of distributed collaborative intrusion detection was proposed, which is based on multi-agent. It achieves detection of complex attacks through coordinating the lower-level agents using coordination agents. Unified modeling language (UML) was employed to analyze and design the main functions and the static structure of the model, the inner reasoning behavior of agents and the cooperating behavior among agents. UML provides an effective means for the analysis and design of collaborative intrusion detection system, which facilitates its integration with other security systems.