UML-based analysis method for collaborative intrusion detection system
-
摘要: 为了提高对分布式协同攻击的检测能力,提出了一种具有广泛适用性的分布式协同入侵检测模型,该模型以多代理为构造基础,通过协调代理协同下层检测代理,实现对复杂攻击的协同检测.采用统一建模语言(UML),对模型的主要功能、静态组织结构、代理内部的推理行为和代理间的交互行为进行了分析和设计.UML为协同入侵检测系统的分析和设计提供了有效的手段,方便了与其它安全系统的集成.Abstract: To enhance the capability of detecting distributed attacks, a general model of distributed collaborative intrusion detection was proposed, which is based on multi-agent. It achieves detection of complex attacks through coordinating the lower-level agents using coordination agents. Unified modeling language (UML) was employed to analyze and design the main functions and the static structure of the model, the inner reasoning behavior of agents and the cooperating behavior among agents. UML provides an effective means for the analysis and design of collaborative intrusion detection system, which facilitates its integration with other security systems.
-
Key words:
- safety /
- coordination /
- measuring /
- coordinated attack /
- agent /
- unified modeling language
-
[1] 刘 超, 张 莉. 可视化面向对象建模技术——标准建模语言UML教程[M]. 北京:北京航空航天大学出版社, 1999 Liu Chao, Zhang Li. Visual object-oriented modeling technology—course of standard modeling language UML[M]. Beijing:Beijing University of Aeronautics and Astronautics Press,1999(in Chinese) [2] Zhang Ran, Qian Depei, Bao Chongming, et al. Multi-agent based intrusion detection architecture . 2001 International Conference on Computer Networks and Mobile Computing . New York:IEEE Press, 2001. 494~501 -
点击查看大图
计量
- 文章访问数: 3513
- HTML全文浏览量: 223
- PDF下载量: 856
- 被引次数: 0
下载:
