Multi-agent distributed intrusion detection system model based on evidence reasoning
基于证据推理的多agent分布式入侵检测系统模型

This paper proposed a distributed IDS (DIDS) model utilizing both multi-agent and evidence reasoning by analyzing the existed agent-based IDS, which adopted the method of distributed detection, distributed response and the ideology of multi-agent. And it described all the composed parts of DIDS model and analyzed the function design of all kinds of agent and the control centre. To improve the performance of the control centre, presented an algorithm for evidence reasoning to decrease the computation and increase the accuracy of combination. Furthermore, discussed the algorithms of dynamic election and cooperation preliminarily. The proposed DIDS may make full of all kinds of information to cooperatively complete the detection and make real-time response, which effectively improves the traditional IDS.