期刊文献+

联动入侵检测的Linux动态防火墙的设计 被引量:1

Design for Dynamic Firewall Interaction with IDS under Linux
下载PDF
导出
摘要 本文分析了传统安全技术(防火墙、入侵检测)的优势和缺点,指出了防火墙和入侵检测进行联动的必要性,设计了联动入侵检测的动态防火墙,给出了具体的解决方案,并对关键技术进行了分析。该动态防火墙提高了防火墙的实时响应能力,增强了入侵检测的阻断功能,实现了网络的整体防御。 In this paper, we analyze the advantage and disadvantage of the traditional security technologies (firewall, intrusion detection), point out the necessity of linakge of firewall and intrusion detection, design dynamic firewall interacting with IDS, and present a detailed solution and analyze the key technology. The dynamic firewall improves the real-time response capacity of the firewall, strengthens the interdiction function of IDS, realizes the whole defense of the network.
出处 《北京电子科技学院学报》 2006年第4期48-52,共5页 Journal of Beijing Electronic Science And Technology Institute
基金 通信与信息系统北京市重点实验室资助项目(JD100040513)
关键词 入侵检测 联动 IPTABLES 联动控制中心 intrusion detection interaction iptables interaction control center
  • 相关文献

参考文献5

二级参考文献10

  • 1[1]Check Point Software Technologies Ltd., "OPSEC Integration Overview", http://www. checkpoint. com/.
  • 2[2]Check Point Software Technologies Ltd., "Introduction to OPSEC", http://www. checkpoint. com/.
  • 3[3]Steve Lodin, "Intrusion Detection Product Evaluation Criteria",http://www.denmac.com.
  • 4[4]T Ptacek and T.Newsham, "Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection",http://www.sort. org.
  • 5Ray Hunt. Intemet/Intranet firewall security - policy, architecture and transaction services [J]. Computer Communication,1998;21 : 1107 - 1123.
  • 6Ptacek T H. Newsham T N. Insertion, Evasion, and Denial of Service: Eluding Network Intrudion detection[Z]. 1998.
  • 7Ravi S. Sandhu. Authentication, access control, and intrusion detection[J], IEEF. Communications, 1994,32(9) :40 - 48.
  • 8Denning D E. An Intrusion - detection model[J ],IEEE Transactions on software engineering, 1987,13(2) :222 - 231.
  • 9Abdelaziz Mounji,Langtuages and Tools for Rule-Based Ditributed Intrusion Detection. The degree of Doctor of Computer Science Department of Facultes University,Belgioum, 1997.9.
  • 10Techniques Adopted By ' System Grackers' When Attemption To Break Into Corporate or Sensitive Private Network[M]. By the consultants of the Network ,Security Solution Ltd. Front -line Information Security Team(Fist), 1998,12.

共引文献35

同被引文献7

引证文献1

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部