To solve the problems of intrusion management systems in large-scale distributed next-generation networks, a large-scale distributed intrusion management system module is presented. The system can be divided into four layers: the first is the data collection layer, whose task is to collect raw data from the network; the second is the agent layer, whose task is to distribute the data from the data collection layer to the various kinds of agents, which analyze specific security events; the third is the analysis layer, whose tasks are to further analyze the events and to associate and converge the alerts; the fourth is the management layer, whose tasks are to decide on and respond to intrusions and to coordinate the work of static agents and mobile agents. In addition, the key sub-modules of the system are introduced. Finally, the future direction of network intrusion management systems in next-generation networks is presented.