| 基于系统调用的入侵检测方法研究 |
| |
| 引用本文: | 杨路明,符鹤.基于系统调用的入侵检测方法研究[J].现代电子技术,2005,28(4):36-39. |
| |
| 作者姓名: | 杨路明 符鹤 |
| |
| 作者单位: | 中南大学,信息科学与工程学院,湖南,长沙,410083 |
| |
| 摘 要: | 系统调用是操作系统和用户程序的接口,任何程序都必须通过系统调用才能执行,针对系统调用进行入侵检测的实施.能增加入侵检测的准确性和正确性,并使实时监测和分层安全成为可能。本文分析了在系统调用层面上实现入侵检测的可能性和优越性,详细阐明了目前各种基于系统调用入侵检测的方法和性能比较,讨论了基于系统调用入侵检测研究的发展趋势。
|
| 关 键 词: | 入侵检测 系统调用 特权进程 分层安全 |
| 文章编号: | 1004-373X(2005)04-036-04 |
| 修稿时间: | 2004年10月17 |
Research of Intrusion Detection Based on System Call |
| |
| YANG Luming,FU He.Research of Intrusion Detection Based on System Call[J].Modern Electronic Technique,2005,28(4):36-39. |
| |
| Authors: | YANG Luming FU He |
| |
| Abstract: | System calls are the interface between operating system and user programs Execution of each program must use some system calls So the implementation of intrusion detection using system calls will improve the accuracy and correctness It also makes realtime monitoring and layeredsecurity possible This paper first analyses the possibility and advantages of system call based on intrusion detection Then it describes some kinds of system call based on intrusion detection techniques in detail and compares performances of some methods Finally, the future direction in this field is discussed |
| |
| Keywords: | intrusion detection system call privileged process layered-security |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
