检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
机构地区:[1]东北大学信息科学与工程学院,沈阳110004 [2]国家计算机网络与信息安全管理中心,北京100031
出 处:《高技术通讯》2007年第11期1107-1111,共5页Chinese High Technology Letters
基 金:863计划(2002AA784030,2003AA781011)资助项目
摘 要:分析了Ad Hoc网络对入侵检测系统的要求,设计了一种适合移动Ad Hoc网络的基于移动代理的跨层入侵检测系统。在该系统中,检测节点监听其邻居节点网络层和MAC层的通信行为,将跨层信息作为审核数据的来源,在袭击的早期阶段就能够收集足够的袭击证据进行本地入侵检测。当本地监测信息不足以作出判断时,则引入移动代理技术进行协作检测,节约了网络资源,避免了联合检测对网络节点密度的要求,从而降低了误判率,提高了检测效率,增强了系统的分布性、灵活性和适应性。用仿真软件NS-2搭建网络仿真平台进行了仿真实验,结果表明,该检测系统能更好地保障网络安全。On the basis of analyzing of the technical requirements of an intrusion detection system for Ad Hoc networks, a mobile agent based cross-layer intrusion detection system is proposed. In the system, detecting nodes monitor their neighbors' communicating behavior on network layer as well as MAC layer. Multi-layer information monitored locally, as an important resource of audit data, enables local intrusion detection to collect enough intrusion evidences in the early period of attack. If local information is insufficient to evaluate the state, mobile agent technology is adopted. This collaborating detection can save network resources and avoid the restriction of desired nodes density in united detection, and thus reduces the miscarriage of justice rate, increases the detecting efficiency and provides the system with distributed property, flexibility and adaptability. The performances of the system were simulated with NS-2 (Network Simulations) software. The simulation results indicate it can safeguard the network under attack and maintain the network performance.
关 键 词:AD HOC网络 安全 入侵检测 移动代理 跨层
分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.44