
Application of Protocol Analysis Technology in IDS (cited by: 10)
Abstract: Intrusion detection is an important means of security protection, but traditional intrusion detection systems struggle to meet practical needs in high-speed network environments because their false-positive and false-negative rates are too high. This paper analyzes the shortcomings of intrusion detection systems based on pattern matching, proposes a detection model that combines protocol analysis with pattern matching, and finally discusses a method for pruning the rule base (signature library) of an intrusion detection system. These methods improve detection accuracy and efficiency, allowing intrusion detection systems to adapt to high-speed network environments.
Source: Computer Technology and Development (《计算机技术与发展》), 2007, No. 2, pp. 239-241, 244 (4 pages)
Keywords: intrusion detection system; pattern matching; protocol analysis; signature library
