A Framework for Large-scale Distributed Intrusion Management System(LDIMS)
Network is now developing into large-scale and speedup, meanwhile, intrusion methods become more and more complicated. In this network environment, traditional IDSs can¡¯t insure the security of the protected systems. IMS is the trend of IDSs evolution. IMS is a system that combines intrusion detection with urgent response. In IMS, IDSs associate with other security components, such as Firewalls, Vulnerability Scanning Systems, Virus Prevention Systems and network Management Systems. This document describes a hierarchy framework for Large-scale Distributed Intrusion Management System (LDIMS), with which a Large-scale Distributed IMS can be flexibly deployed. layered nodes constitute this framework. Each node is a simple IMS. This document gives a four-layer structure for the simple IMS, the four-layer structure can also be the structure of an independent IMS.