|
|||||
|
|
| 基于部件的分布式入侵检测系统 | |
| 引用本文: | 张建伟,卢昱,朱代祥.基于部件的分布式入侵检测系统[J].装备指挥技术学院学报,2001,12(5):52-56. |
| 作者姓名: | 张建伟 卢昱 朱代祥 |
| 作者单位: | 1. 装备指挥技术学院电子工程系 2. 装备指挥技术学院科研部 3. 装备指挥技术学院研究生队 |
| 摘 要: | 入侵检测技术是继“防火墙”、“数据加密”等传统安全保护措施之后新一代的安全保障技术.它对计算机和网络资源上的恶意使用行为进行识别和响应,不仅检测来自外部的入侵行为,也监督内部用户的未授权活动.提出一种基于部件的入侵检测系统,具有良好的分布性和可扩展性.它将基于网络和基于主机的入侵检测系统有机地结合在一起,提供集成化的检测、报告和响应功能.在网络引擎的实现上,使用了协议分析和模式匹配相结合的方法,有效地减少了目标的匹配范围,同时改进了匹配算法,使网络引擎具有更好的实时性能. |
| 关 键 词: | 计算机安全 分布式 入侵检测 模式匹配 |
| 修稿时间: | 2001年5月29日 |
A Component-Based Distributed Intrusion Detection System |
|
| ZHANG Jian\|wei.A Component-Based Distributed Intrusion Detection System[J].Journal of the Academy of Equipment Command & Technology,2001,12(5):52-56. | |
| Authors: | ZHANG Jian\|wei |
| Abstract: | The intrusion detection is a new security technology, apart from tradition security protect technology, such as firewall and data crypt. IDSs watch the computer and network traffic for intrusion and suspicious activities. They not only detect the intrusion from the extranet hacker, but also the intranet users. This paper describes a component based intrusion detection system, which has good distribute and scalable ability. It combines the network based IDS and host based IDS into a system, and provides detection, report and response together. In the implement of the network engine, the combination of network protocol analyze and pattern match technology is used, and reduce scope to search. We also improved pattern match algorithm, the network engine can search intrusion signal more quickly. |
| Keywords: | computer security distributed intrusion detection pattern match |
| 本文献已被 CNKI 万方数据 等数据库收录! | |
