The present invention relates to an intelligent intrusion detection system based on a distributed intrusion detection agent, the delivery of the dynamic collection with information from the intrusion detection agent distributed learning and detection agents study detected character code to the detector.; An object of the present invention is to increase the intrusion detection rate of the total dispersion agent.; The present invention is detected by the IDS engine chair plurality of detection to obtain a kernel audit data provided by the system in accordance with the code identifying the suspected degree through which characters; Coordinator of the detector to automatically receive the intrusion action to take appropriate measures to inform the current intrusion alert to determine whether the intrusion of computer nodes or intrusion intrusion doubts about being passed from the detection of each party; Normal state, and by collecting the information of the abnormality intrusion steady state operation and the unsteady state operation scenario generator for virtually generating a work order; It includes the detector learning machine for distributing the detected character code learning by learning characters detected through the scenario generated by the scenario generator.; Since, according to the present invention to study the penetration pattern for detecting the agent with this by dynamically collecting the intrusion information hackers from each of the detection agent distributed on the basis of the variance detection agent distribution the learned detected character code entire dispersion agent the intrusion detection rate can be improved.
展开▼
