As the Internet grown widespreadly, illegal accesses that cause a chain reaction based on viruses and worms are increasing. To prevent the chain reaction of illegal access, we should detect in early stages and cope with these accesses. However, usual security technology such as Intrusion Detection System only detects unlawful invasions after suffered damage to system. Therefore, if these viruses and worms cause illegal accesses on other domain, we cannot detect them. In past research, a distributed center collects some information of intruders. The center finds the chain reaction of illegal access. However, these methods cannot exchange intrusion information between domains with different policy in operation. In this thesis, I propose a new method that interchanges intrusion information between domains and aim for detection of chain reaction of illegal access. I can observe unlawful invations in early state by employing my mechanism. This thesis reports state of research of exchanging distributed intrusion detection information and considers requirement items of these information. Furthermore, based on these requirements, I propose a mechanism of exchanging intrusion detection information and implement a prototype of my mechanism.