摘要： 给出了一个入侵自动响应系统的总体结构，总结了可能的响应方式作为研究的前提和基础，介绍了基于Mobile Agent 事件决策机制、自适应技术和协同技术，完成了相应的原型系统。该系统具有易扩充性、配置简单、避免单点时效性、在异构环境中运行等优点，并在保证结点可控性和检测效率的同时提高了系统的容错性和协作能力。

关键词: 移动代理, 自动入侵响应, 响应决策, 自适应

Abstract: This paper introduces the general architecture of automated intrusion response systems, summarizes the possible countermeasures that make the basis of the research, and focuses on the introduction of three important techniques, including decision-making based on mobile agent, the self-adaptive technique, and cooperate technique, which are applied to a distributed intrusion detection system. By integrating the advantages of the easy extension, configuration, different environment, this system improves the ability of error tolerance and cooperation without degradation of controllability and efficiency.

Key words: Mobile agent, Automated intrusion response, Response decision, Self-adaptation

中图分类号: 

• TP309