| 入侵检测系统评估技术研究 |
| |
| 引用本文: | 董晓梅,肖珂,于戈.入侵检测系统评估技术研究[J].小型微型计算机系统,2005,26(4):568-571. |
| |
| 作者姓名: | 董晓梅 肖珂 于戈 |
| |
| 作者单位: | 东北大学,信息科学与工程学院,辽宁,沈阳,110004 |
| |
| 基金项目: | 国家“八六三”计划CIMS主题(2003AA414210)资助,国家自然科学基金(60173051)资助,教育部优秀青年教师科研教学奖励计划资助,教育部高等学校博士学科点专项科研基金(20030145029)资助. |
| |
| 摘 要: | 随着对入侵检测技术的深入研究和入侵检测产品的广泛应用,对入侵检测系统的评估技术的研究成为一个重要的研究领域.介绍了入侵检测评估的相关工作,讨论了对入侵检测系统进行评估时的主要评价指标,提出了一个入侵检测系统的评估系统.评估系统由主控模块统一控制,主控模块分别对流量控制模块和攻击模拟模块进行调度.对评估环境中所有的数据进行记录,作为评估模块的输入.该系统实现了网络流量和主机使用模拟、攻击模拟以及评估报告的生成等功能。
|
| 关 键 词: | 网络安全 入侵检测 评估 仿真 攻击 |
| 文章编号: | 1000-1220(2005)04-0568-04 |
Study on Evaluation Techniques of Intrusion Detection Systems |
| |
| DONG Xiao-mei,Xiao Ke,YU Ge.Study on Evaluation Techniques of Intrusion Detection Systems[J].Mini-micro Systems,2005,26(4):568-571. |
| |
| Authors: | DONG Xiao-mei Xiao Ke YU Ge |
| |
| Abstract: | With the deeply research on intrusion detection techniques and the widely use of intrusion detection products, the study of evaluation techniques of intrusion detection systems became important. In the paper, relative works of the evaluation of intrusion detection systems was introduced. The primary aspects of intrusion detection systems in an evaluation were discussed. An evaluation system for intrusion detection systems was proposed. In the system, a supervisor module controls the whole system. The supervisor module schedules the traffic control module and the attack emulation module. The data in the evaluation environment are recorded and input to the evaluation module. The functions such as emulation of network traffic and host usage, emulation of attacks and evaluation report generation are implemented. |
| |
| Keywords: | network security intrusion detection evaluation emulation attack |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
