| 入侵检测数据的获取和整理探讨 |
| |
| 引用本文: | 范海绍.入侵检测数据的获取和整理探讨[J].计算机应用与软件,2007,24(6):165-166,189. |
| |
| 作者姓名: | 范海绍 |
| |
| 作者单位: | 浙江工商职业技术学院信息工程系,浙江,宁波,315012 |
| |
| 摘 要: | 本文讨论入侵检测数据的获取途径、方法、工具及获取数据的清理、规格化和数据转移至数据库的方法.基于网络的数据获取有网络端口数据包获取和分布式网络数据的获取.基于主机的数据获取有系统日志、注册表信息、活动目录信息等.所用工具包括Windows2003命令行工具、Wmic、C#、SQL Server和自由软件Ethereal等.
|
| 关 键 词: | 入侵检测 数据获取 数据整理 入侵 检测数据 整理 INTRUSION DETECTION CLEANING Ethereal 自由软件 Server 命令行 工具包 目录信息 活动 注册表 系统日志 基于主机 网络数据 分布式 数据包 网络端口 数据获取 |
| 修稿时间: | 2005-05-30 |
DATA OBTAINING AND CLEANING UP FOR INTRUSION DETECTION |
| |
| Fan Haishao.DATA OBTAINING AND CLEANING UP FOR INTRUSION DETECTION[J].Computer Applications and Software,2007,24(6):165-166,189. |
| |
| Authors: | Fan Haishao |
| |
| Affiliation: | Computer and Information Engineering Department,Zhejiang Business Technology Institute, Ningbo 315012 ,Zhejiang, China |
| |
| Abstract: | The way, method, tool of data obtaining, cleaning, standardization and shifting to database for intrusion detection are discussed.Network data obtaining includes obtaining data from network port and from distributed network system. There are several ways of obtaining data based on host computer, such as obtaining systematic daily record, information of the registration table, activity directory information, etc.Command Line in Windows 2003 Server, WMIC, C#, SQL Server and free software Ethereal are used. |
| |
| Keywords: | Intrusion detection Data obtaining Data cleaning up |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
