Research of automatic intrusion response implementation methods based on mobile agents
-
摘要: 为了在发现入侵行为后,对系统实施快速、有效的保护,提出了基于移动代理的自动入侵响应系统.通过响应分析自动产生响应计划,并自动派遣移动代理对被攻击主机实行封帐号、封端口、扬声器报警、关机等动作,或通过移动代理进行防火墙联动.响应计划的执行受到动态监控,并根据执行情况动态调整响应计划.所实现的原型系统已在金航网动态防御体系中得到应用,运行结果表明基于移动代理的自动入侵响应能对系统提供有效的保护.Abstract: To protect the system promptly and effectively when an intrusion was detected, a mobile agent based automatic intrusion response system was advanced. The response plan was automatically created and the mobile agents were sent to the hosts that are attacked to disable accounts, close ports, make the speaker aloud and shut down the host. Response agents can also reconfigure firewalls. The implementation of a response plan was monitored and the plan can be adjusted dynamically. The prototype of the system was used in the dynamic network defense system of Jinhang network. The running result shows that the mobile agent based intrusion response method is much more effective.
-
Key words:
- safety /
- responses /
- automatic intrusion response /
- response implementation /
- mobile agent
-
[1] Carver Curtis A, Hill John M D, Surdu John R. A methodology for using intelligent agents to provide automated intrusion response . Proceedings of the IEEE Systems,Man, and Cybernetics Information Assurance and Security Workshop . West Point, NY, 2000 [2] 张云勇. 移动Agent及其应用[M]. 北京:清华大学出版社,2002 Zhang Yunyong. Mobile agent and its application[M]. Beijing:Tsinghua University Press,2002(in Chinese) [3] 张 瑾,张德贤. IBM Aglet系统研究与应用[J]. 开封:河南大学学报,2002,29(3):40~43 Zhang Jin,Zhang Dexian. Research on IBM aglets system and its application[J]. Kaifeng:Journal of Henan University,2002, 29(3):40~43(in Chinese) [4] Wang Ruchuan,Zhao Xinning. The research on mobile agent secruity[J]. The Journal of China Universities of Post and Telecommunications,2002,19(3):47~52 -
点击查看大图
计量
- 文章访问数: 3134
- HTML全文浏览量: 184
- PDF下载量: 4
- 被引次数: 0
下载:
