Multi-SoftMan入侵防御系统模型的智能弹性架构  被引量：6

作　　者：马占飞[1] 郑雪峰[1] 曾广平[1] 涂序彦[1] 

机构地区：[1]北京科技大学信息工程学院

出　　处：《计算机科学》2008年第6期46-49,66,共5页Computer Science

基　　金：国家自然科学基金(60375038,60503024);北京市自然科学基金(4072018)

摘　　要："软件人"(SoftMan,SM)是在Agent(代理)、智能机器人、人工生命等技术基础上提出的一个新概念,它为解决当前网络入侵检测中存在的诸多问题提供了新的思路。本文在深入研究入侵检测与防护技术的基础上,受"软件人"技术的启示,提出了基于群体"软件人"(Multi-SoftMan,MSM)入侵防御系统的智能协商控制模型及相应的算法。模型采取无控制中心的群体"软件人"结构,充分利用"软件人"本身的独立性、自主性、自学习、自适性、遗传和变异等特性,尽量降低各检测部件间的相关性,避免了单个中心分析器带来的单点失效问题。每个数据采集部件、检测部件和分析部件都是独立的单元,不仅实现了数据采集的分布化,而且将入侵检测和实时响应分布化,提高了系统的健壮性,真正实现了分布式检测的思想,这有助于解决目前入侵检测系统普遍存在的智能化程度不高、系统不易维护、检测效率低下等问题。＂SoftMan＂ is a new concept based on production of distributed technique, agent, intelligent robot and artificial life, and its corresponding theory and technology fruits provide a good foundation and reference for studying the present intrusion detection systems （iDS）. Inspired by the intelligence recognition capability of ＂SoftMan＂, a novel Muhi-SoftMan intrusion prevention system （MSMIPS） negotiation control model and relevant algorithm are presented and researched deeply for network security systems, which model is adopted distributed intelligence architecture. In order to reduce the relativity of each detection components as far as possible and avoid the simple point failure caused by the single central analyzer, the model is adopted the non-control center Muhi-SoftMan architecture, which is used to ＂SoftMan＂ attributes, such as independence, activity, self-learning, self-adaptation, inheritance and variation, and so on. All of the components in model, such as data collection units, intrusion detection and analysis units, are independent, which has realized successfully the distributing data collection and the real-time detection and response. Therefore, the robustness of the system is enhancing, the distributing detection idea is realized really, and helps to improve intrusion detection efficiency, intelligentization and maintainability.

关 键 词：群体“软件人” 入侵检测 入侵防御 协商控制 智能弹性架构 代理 

分 类 号：TP393.08[自动化与计算机技术—计算机应用技术] TP242.6[自动化与计算机技术—计算机科学与技术]