| 基于协议分析的入侵检测算法及体系结构研究 |
| |
| 引用本文: | 李云,傅秀芬.基于协议分析的入侵检测算法及体系结构研究[J].计算机安全,2009(8):15-17. |
| |
| 作者姓名: | 李云 傅秀芬 |
| |
| 作者单位: | 广东工业大学,计算机学院,广东,广州,510006 |
| |
| 基金项目: | 协同入侵检测的数据整合与负载均衡技术研究(06021484) |
| |
| 摘 要: | 传统的基于误用检测的入侵检测系统大多采用简单模式匹配或者是模式匹配的改进方法进行入侵检测。采用模式匹配的入侵检测方法具有匹配的数据量大、误报率和漏报率高的问题。针对这些主要问题,提出了基于协议分析树的通用协议分析入侵检测算法以及基于此算法思想的多Agent并行处理协同工作的入侵检测体系结构,并对其入侵检测性能进行了分析,从理论上证明了其在检测速度上有巨大提高,适合高速网路和下一代网络的需要。
|
| 关 键 词: | 入侵检测(ID) 协议分析 协议分析树 Agent 协同工作 |
Research of Intrusion Detection Algorithm and Architecture Based on Protocol Analysis |
| |
| LI Yun,FU Xiu-fen.Research of Intrusion Detection Algorithm and Architecture Based on Protocol Analysis[J].Network & Computer Security,2009(8):15-17. |
| |
| Authors: | LI Yun FU Xiu-fen |
| |
| Affiliation: | Faculty of Computer;Guangdong University of Technology;Guangzhou;Guangdong 510006;China |
| |
| Abstract: | Most of the traditional intrusion detection systems based on misuse detection method use simple pattern match or improved simple pattern technology to detect the intrusion. There are some problems in the intrusion detection method used pattern match such as the large amount of data needed matching,the high rates of false positives and omissions. The paper focuses on research topics of the algorithm and architecture of a new intrusion detection technology. It describes a general intrusion detection algorithm... |
| |
| Keywords: | Intrusion Detection Protocol Analysis Protocol Analysis Tree Agent Collaborative Work |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
