Design and Implementation of a Distributed Cooperative Intrusion Detection System
一种分布式协同入侵检测系统的设计与实现

An integrative taxonomy for intrusion detection technologies is proposed in this paper, which can specify accurately existing intrusion detection methods. Aiming at multiple-domain environments, a distributed cooperative intrusion detection system (DCIDS) is designed, which implements cooperative intrusion detection through efficient, secure information exchange among IDSes in different domain. The architecture of DCIDS is described, as well as its four components: sensor, analyzer, manager and user-interface. Some key issues are also discussed, including secure communication and selection places.