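Abstract: A distributed cooperative intrusion detection system is designed based on Snort. Subjective trust theory is combined with the idea of feedback to reduce the probability of misjudgment and improve the system's adaptive capability. The data transmission protocol between cooperating nodes, the cooperation mechanism based on subjective trust, and the trust level update algorithm are given. The system is tested with simulated attacks, and the results show that nodes can cooperate as peers and that misjudgments during cooperation are effectively avoided.
Keywords: intrusion detection system, distributed, cooperation, subjective trust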
Abstract: Based on Snort, this paper presents a Distributed Cooperative Intrusion Detection System (DCIDS). By introducing subjective trust theory and feedback theory into cooperative detection, the system reduces the probability of misjudgment and improves its self-adapting capability. The paper introduces the transmission protocol between nodes and proposes the cooperative scheme and the trust level update algorithms. The system is tested by simulated intrusion, and the results show that it completes the cooperative detection and properly reduces the probability of misjudgment.
Key words: Intrusion Detection System (IDS), distributed, cooperative, subjective trust
薛严冬, 韩秀玲, 戴尚飞. Distributed Cooperative Intrusion Detection System Based on Snort[J]. 计算机工程 (Computer Engineering), 2010, 36(19): 165-167.
XUE Yan-Dong, HAN Xiu-Ling, DAI Chang-Fei. Distributed Cooperative Intrusion Detection System Based on Snort[J]. Computer Engineering, 2010, 36(19): 165-167.