| 基于代理的网络会话取证与监控系统 |
| |
| 引用本文: | 陈海涛,龚正虎,胡华平,岳虹.基于代理的网络会话取证与监控系统[J].深圳大学学报(理工版),2001,18(4):54-62. |
| |
| 作者姓名: | 陈海涛 龚正虎 胡华平 岳虹 |
| |
| 作者单位: | 国防科技大学计算机学院, |
| |
| 基金项目: | 国家863基金资助项目(8063010601) |
| |
| 摘 要: | 在分析现有网络会话记录系统存在问题的基础上,提出一种基于代理的分布式网络会话取证和可视化监控体系结构,设计了一种新方法可巧妙实现网络会话的解析,即通过修改网络服务客户端正的底层接收部分,使其不从操作系统的TCP/IP协议栈获取报数据,而是从捕获的报中接收数据,然后从其输出中获得解析结果。介绍了已实现的基于代理的网络会话取证和可视化监控系统的总体设计与组成,讨论了实现该系统的关键技术。
|
| 关 键 词: | 网络会话 取证代理 中心监控服务器 网络安全 网络入侵 网络会话取证与监控系统 |
| 文章编号: | 1000-2618(2001)04-0054-09 |
| 修稿时间: | 2001年8月1日 |
The Study and Realization of Network Session Recording and Supervising System Based on Agents |
| |
| CHEN Hai-tao,GONG Zhen-hu,HU Hua-ping and YUE Hong.The Study and Realization of Network Session Recording and Supervising System Based on Agents[J].Journal of Shenzhen University(Science &engineering),2001,18(4):54-62. |
| |
| Authors: | CHEN Hai-tao GONG Zhen-hu HU Hua-ping and YUE Hong |
| |
| Affiliation: | School of Computer Science National University of Defense Technology Changsha 410073 P. R. China |
| |
| Abstract: | The recording and analyzing of network session is an important intrusion detection tech- nology. Having analyzed the problems of the existing network session recording system, we put for- ward an agent-based distributed network session recording and visual supervising architecture, in which the bottom receiving part of the usual network service client software is modified to receive da- ta from the captured packet instead of the TCP/IP stack of the OS. The design and composition of the Agent-based Network Session Recording and Visual Supervising System (ANSRVSS) is presen- ted, and the key technology in ANSRVSS implementation is discussed. |
| |
| Keywords: | network session evidence-collected agent center monitoring and controlling server visualization |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
