Due to the rapid growth of the network application, new kinds of network attacks are emerging endlessly. So it is critical to protect the networks from attackers and the intrusion detection technology becomes popular. On the basis of analyzing the defect of a kind of modern distributed intrusion detection system, this article proposes a distributed intrusion detection system model based on agents. This system adopts the way which combines static agent and mobile agent, Host-based Intrusion Detection System (IDS) and Network-based Intrusion Detection System. The function of each module in the system is described in detail. The system uses mobile agent for decentralized data collection, data analysis and response, and has certain dynamic learning capability. The self-adapt ability of the system is strong and can solve the main problems of the modern system. Finally, the preliminary implementation of the module in this system like agent is given in detail and the system's performance evaluation is presented.

• 出版日期2008
• 单位湖南大学