Similar literature
Found 19 similar documents; search took 140 ms
1.
曾宇 《通信世界》2004,(19):42-43
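Drawing on its deep understanding of the network security industry, Dawning (曙光公司) has launched the Dawning GodEye-HIDS host intrusion detection system. Depending on the source of the collected data, an IDS can be classified as either host-based IDS or network-based IDS. As a host-based IDS product, the IDS is deployed on the protected host, which gives it inherent advantages that other security measures cannot match. HIDS collects data from the host/server, including operating system logs, system processes, file access and registry access; NIDS collects raw packets directly from the network and inspects them. The detection engine of HIDS is called the "host agent"; the detection engine of NIDS is called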

2.
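When we publish a website, we usually want to keep track of how it is being accessed, such as average daily visits and how users use the site. Adding such a statistics function to the site management program would make the database file very large and slow down users' access to the site. In fact, IIS already provides an access logging feature that records information about users' visits to the site.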

3.
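This paper proposes CRUAC, an access control model for cloud computing environments. The model is based on the usage control model, introduces the concept of roles, and adds constraint information to the factors used in decision making. It resolves the complexity in system development, reuse and security management that arises when the usage control model assigns permissions directly to users, provides a solution for cloud users accessing resources on different cloud servers, and meets the access control requirements of cloud computing environments well.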

4.
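A centralized log server is an important part of network security management and plays an irreplaceable role in detecting intrusions, retaining system operation information, and recording and auditing account activity. The article provides sample log client configurations for Windows, Unix and Linux operating systems and for Cisco and Huawei network devices. By adding shell script files on AIX and Linux, it also solves two problems: AIX logs do not record successful logins to the server, and AIX and Linux cannot send the commands run by accounts to the centralized log server.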

5.
孙明  陈波  周明天 《电子学报》2010,38(2):376-381
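To discover the useful information contained in Semantic Web usage records, this paper proposes a method for mining frequent Web access patterns from a log ontology. The method introduces an application access rule set and an observation set to represent, respectively, the semantic rules governing dynamic changes in log information and the usage facts, and, under the DL-safe restriction, combines the log ontology with the application access rule set into a hybrid knowledge base whose reasoning is decidable. On this basis, it uses the semantics of the part-whole relations between events in the log ontology to build a transaction model for access pattern learning, and uses ILP to learn and generate a frequent user access pattern tree, solving the problem of non-description-logic atoms when reasoning about access patterns. Experimental results demonstrate the usability and effectiveness of the method.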

6.
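Web server logs record users' browsing patterns. To extract groups of users with similar access patterns and provide them with personalized services, an analysis method for Web logs is proposed. By constructing a UserID-URL association matrix and introducing a weighted association matrix, a clustering algorithm based on the weighted matrix, the multi-label propagation algorithm, is proposed. Experiments show that the algorithm is efficient and reliable for user clustering and page clustering in Web log mining.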

7.
A Practical Study of Linux Logs in System Security   Total citations: 1, self-citations: 0, citations by others: 1
刘丹  赖锋 《世界电信》2003,16(5):44-46
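Logs are extremely important for system security. A log is the historical record of a system's operation, and it makes it easy to find system errors or intrusions. In practical Linux system security, the log configuration files must first be set up properly and a log server established to keep the log files secure. On the basis of reliable logs, log tools such as Swatch are used to filter out useful log information, which is then processed and analyzed promptly to strengthen the protection of the system.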

8.
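During network maintenance, we often need to view the log information of switches, routers and other devices in order to understand their operating status, find errors promptly and resolve the corresponding faults, keeping network devices running normally. However, the buffer in which switches, routers and similar devices store logs is limited in size, and the existing log information is cleared when a device loses power or is shut down, so the relevant logs can no longer be viewed. In addition, when there are many network devices, administrators have to log in to each device one by one to view its logs, which is tedious. It is therefore necessary to set up a dedicated log server that records the operating status of all network devices and centrally manages and stores log information, helping us promptly locate device faults,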

9.
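Log management is a very important part of software development and system operation. This paper describes the design, on the basis of the open-source software Log4J, of a log output component suited to a specific system. The component gives users ample information about the system's operation and also stores important log information in a database system as a basis for later audits. The component is reused by all modules in the system, which removes a large amount of redundant code and improves development efficiency and consistency.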

10.
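Design of a Log4J-Based Log Output Component   Total citations: 1, self-citations: 0, citations by others: 1
Log management is a very important part of software development and system operation. This paper describes the design, on the basis of the open-source software Log4J, of a log output component suited to a specific system. The component gives users ample information about the system's operation and also stores important log information in a database system as a basis for later audits. The component is reused by all modules in the system, which removes a large amount of redundant code and improves development efficiency and consistency.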

11.
To understand website complexity deeply, a web page complexity measurement system is developed. The system measures the complexity of a web page at two levels: transport-level and content-level, using a packet trace-based approach rather than server or client logs. Packet traces surpass others in the amount of information contained. Quantitative analyses show that different categories of web pages have different complexity characteristics. Experimental results show that a news web page usually loads much more elements at more accessing levels from much more web servers within diverse administrative domains over much more concurrent transmission control protocol (TCP) flows. About more than half of education pages each only involve a few logical servers, where most of elements of a web page are fetched only from one or two logical servers. The number of content types for web game traffic after login is usually least. The system can help web page designers to design more efficient web pages, and help researchers or Internet users to know communication details.

12.
《Signal Processing, IET》2009,3(4):289-300
Reducing a video sequence containing a human's face to just a few high-quality face images (Face Log) has a considerable importance in applications related to face processing. This face log can be considered as a concise representation of the video sequence. Producing such a complete face log is the focus of this paper. To decide about the presence of each face in the face log, their quality using four facial features is assessed. Relative quality scores are assigned to these features and then combined into one quality score for each face using a fuzzy inference engine. The authors introduce a method for choosing the M-best images for construction of the face logs. These best images are selected as local maxima in different temporal periods of the sequence. The introduced system has been evaluated using four different datasets including still images and video sequences under various conditions. Experimental results show the success of the system in finding the best face images and using these for producing complete face logs.

13.
Internet time synchronization: the network time protocol   Total citations: 5, self-citations: 0, citations by others: 5
The network time protocol (NTP), which is designed to distribute time information in a large, diverse system, is described. It uses a symmetric architecture in which a distributed subnet of time servers operating in a self-organizing, hierarchical configuration synchronizes local clocks within the subnet and to national time standards via wire, radio, or calibrated atomic clock. The servers can also redistribute time information within a network via local routing algorithms and time daemons. The NTP synchronization system, which has been in regular operation in the Internet for the last several years, is described, along with performance data which show that timekeeping accuracy throughout most portions of the Internet can be ordinarily maintained to within a few milliseconds, even in cases of failure or disruption of clocks, time servers, or networks.

14.
Dynamic parallel access to replicated content in the Internet   Total citations: 1, self-citations: 0, citations by others: 1
Popular content is frequently replicated in multiple servers or caches in the Internet to offload origin servers and improve end-user experience. However, choosing the best server is a nontrivial task and a bad choice may provide poor end user experience. In contrast to retrieving a file from a single server, we propose a parallel-access scheme where end users access multiple servers at the same time, fetching different portions of that file from different servers and reassembling them locally. The amount of data retrieved from a particular server depends on the resources available at that server or along the path from the user to the server. Faster servers deliver bigger portions of a file while slower servers deliver smaller portions. If the available resources at a server or along the path change during the download of a file, a dynamic parallel access automatically shifts the load from congested locations to less loaded parts (server and links) of the Internet. The end result is that users experience significant speedups and very consistent response times. Moreover, there is no need for complicated server selection algorithms and load is dynamically shared among all servers. The dynamic parallel-access scheme presented does not require any modifications to servers or content and can be easily included in browsers, peer-to-peer applications or content distribution networks to speed up delivery of popular content.

15.
Most error-log analysis studies perform a statistical fit to the data assuming a single underlying error process. The authors present the results of an analysis that demonstrates that the log is composed of at least two error processes: transient and intermittent. The mixing of data from multiple processes requires many more events to verify a hypothesis using traditional statistical analysis. Based on the shape of the interarrival time function of the intermittent errors observed from actual error logs, a failure-prediction heuristic, the dispersion frame technique (DFT), is developed. The DFT was implemented in a distributed system for the campus-wide Andrew file system at Carnegie Mellon University. Data collected from 13 file servers over a 22-month period were analyzed using both the DFT and conventional statistical methods. It is shown that the DFT can extract intermittent errors from the error log and uses only one fifth of the error-log entry points required by statistical methods for failure prediction. The DFT achieved a 93.7% success rate in predicting failures in both electromechanical and electronic devices.

16.
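To solve the problem of acquiring Windows logs in real time, corresponding real-time acquisition methods are proposed for each of the two log file formats. Building on real-time log acquisition, a method is proposed for associating log files with atomic attack functions, which turns the analysis of log files into the analysis of atomic attack functions and greatly reduces log analysis time. A time-based method for log correlation analysis and event reconstruction is proposed to reconstruct computer crime scenes. Experimental results show that the proposed methods can effectively obtain log evidence and reconstruct the course of a crime.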

17.
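A Data Mining Method Based on User Browsing Patterns in Web Logs   Total citations: 1, self-citations: 0, citations by others: 1
Web logs contain a large amount of user browsing information, and how to effectively mine users' browsing interest patterns from them is an important research topic. This paper studies the mechanism of Web log mining. Based on an analysis of the characteristics of the frequent traversal path mining problem and a formal description of it, the paper proposes an algorithm for mining frequent traversal paths in Web logs that extracts them correctly and quickly.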

18.
We present a monitoring system for a dynamic network in which a set of domain nodes shares the responsibility for producing and storing monitoring information about a set of visitors. This information is stored persistently when the set of domain nodes grows and shrinks. Such a system can be used to store traffic or other logs for auditing or can be used as a subroutine for many applications to allow significant increases in functionality and reliability. The features of our system include authenticating visitors, monitoring their traffic through the domain, and storing this information in a persistent, efficient, and searchable manner. The storage process is $O(\log n)$-competitive in the number of network messages with respect to an optimal offline algorithm; we show that this is as good as any online algorithm can achieve and significantly better than many commonly used strategies for distributed load balancing.

19.
Bishop  M. Cheung  S. Wee  C. 《Spectrum, IEEE》1997,34(8):56-63
As it stands today, the Internet is not secure, so the only option is to understand how attacks occur and how best to protect against them. Ways to detect an intrusion and assess what the intruder did must be well thought out. For the most part, they will rely upon the ability of each system on the Internet to keep a log of events. The logs are invaluable for intrusion detection and analysis, indeed, they are basic to all postattack analysis. Authors of the security policy must determine what to log (keeping in mind how the desired level of logging will affect system performance) and how the logs should be analyzed. The logs should note who has entered the system as well as what they have done. Before a detailed examination is made of security methods, the issues affecting security enforcement are reviewed. The detection of intrusion using manual and automatic methods are discussed as are counterattack and damage assessment.
