资料下载
分布式入侵检测系统的设计
王尚岱
分享资料个
入侵检测是网络安全的一个新方向,其重点是有效地提取特征数据并准确地分析出非正常网络行为。该文在深入研究分析公共入侵检测框架理论和现有入侵检测系统实现策略的基础上,提出一种基于部件的入侵检测系统,具有良好的分布性能和可扩展性。它将网络和主机的入侵检测系统有机地结合在一起,提供了集成化的检测、报告和响应功能。
关 键 词 入侵检测; 通用模型; 模式匹配; 事件
Abstract Intrusion Detection is a newly developed area of network security. The main issue in this area is how to pick-up and analyze the information which contains abnormal network behavior characteristic. In this paper, basing on the research of CIDF and the implement strategy of intrusion Detection System, we design a component-based Intrusion Detection System, which has good distribute and scalable ability. It combine the network-based IDS and host-based IDS into a system, and provide detection, report and respond together.
Key words instrusion detection; common instrusion detection frame; pattern match; event
声明:本文内容及配图由入驻作者撰写或者入驻合作网站授权转载。文章观点仅代表作者本人,不代表电子发烧友网立场。文章及其配图仅供工程师学习之用,如有内容侵权或者其他违规问题,请联系本站处理。 举报投诉
- 相关下载
- 相关文章
