【摘要】 文章介绍了一种基于分层结构的网络入侵检测模型,它包括以下三部分:一个中心控制级检测模块,多个主机级检测模块和网络代理级检测模块。它们之间通过代理协同检测网络行为,实现实时入侵检测。另外,还介绍了各部分之间的通信机制。更多还原

【Abstract】 The proposed architecture for this hierarchical intrusion-detection system consists of the following components:a host manager(a monitoring process or collection of processed running in background)in each host;a network manager for monitoring each net in the system;and a central manager which is placed at a single secure location and which receives reports from various hosts and net managers to process these reports,correlate them,and detect intrusions.These three components complete their communication through a kind of agent (namely,TransAgent ).更多还原