| 小IP报文攻击的入侵检测方法研究 |
| |
| 引用本文: | 卞小香,张晓山,刘星成.小IP报文攻击的入侵检测方法研究[J].计算机工程与应用,2007,43(17):119-122. |
| |
| 作者姓名: | 卞小香 张晓山 刘星成 |
| |
| 作者单位: | 中山大学 电子与通信工程系,广州 510275 |
| |
| 基金项目: | 国家自然科学基金
,
广东省自然科学基金
,
广东省科技厅科技计划 |
| |
| 摘 要: | 入侵检测技术是网络安全领域中的新技术,但它发展还不成熟,很多攻击方法利用它的缺陷进行攻击。其中小IP报文攻击利用Windows和Linux对有数据重叠的报文处理方式不一样进行攻击。论文提出了小IP报文攻击的入侵检测方法,并采用Snort工具进行实验,使得Snort和被保护主机对有数据重叠的报文的处理方式一致,从而使Snort发生误报、漏报的次数明显减少,为实现网络安全提供了有益的借鉴。
|
| 关 键 词: | 网络安全 入侵检测 IP报文攻击 |
| 文章编号: | 1002-8331(2007)17-0119-04 |
| 修稿时间: | 2006-11 |
Study on intrusion detection for the small IP packet attack |
| |
| BIAN Xiao-xiang,ZHANG Xiao-shan,LIU Xing-cheng.Study on intrusion detection for the small IP packet attack[J].Computer Engineering and Applications,2007,43(17):119-122. |
| |
| Authors: | BIAN Xiao-xiang ZHANG Xiao-shan LIU Xing-cheng |
| |
| Affiliation: | Department of Electrical and Communication Engineering,Sun Yat-Sen University,Guangzhou 510275,China |
| |
| Abstract: | Intrusion detection technology is a new technology in network security area.However,it is still very immature.Many malicious network attack methods make use of its drawbacks to initiate attacks.Small IP packet attack makes use of the difference between Windows and Linux when they deal with the data-overlapped packets.This paper puts forward a method that detects IP packet attacks,performs an experiment using Snort,and makes Snort act the same way as the protected host when they deal with the data-overlapped packets.As a result,the times that Snort misinforms or fails to report attack reduce.The approach provides useful reference for constructing secure network systems. |
| |
| Keywords: | network security intrusion detection IP packet attack |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程与应用》浏览原始摘要信息 |
|
点击此处可从《计算机工程与应用》下载全文 |
