In this paper, the tool "sniffer" is introduced and controlled as a sensor by the IDS via mobile agents; these agents gather intrusion detection data and send them back to the server for analysis. We propose a distributed intrusion detection system (DIDS) which detects intrusion from outside the network segment as well as from inside using mobile agents. The proposed model consists of three major components: Intrusion Detection Component, Mobile Agent Environment, Data Analysis Component and distributed sensors residing on every device in the network segment. Compared with traditional central sniffing IDS techniques, the system shows superior performances and saves network resources.

• 出版日期2009
• 单位天津理工大学