| 分布式协同入侵检测——系统结构设计与实现问题 |
| |
| 引用本文: | 段海新,吴建平.分布式协同入侵检测——系统结构设计与实现问题[J].小型微型计算机系统,2001,22(6):646-650. |
| |
| 作者姓名: | 段海新 吴建平 |
| |
| 作者单位: | 清华大学网络工程研究中心北京 100084 |
| |
| 基金项目: | 国家863"高速IP网络安全监控系统”计划资助(编号863-306-ZD08-01-3) |
| |
| 摘 要: | 本文首先对现有入侵检测技术提出了一种综合分类方法,分析了大规模、多管理域网络环境对入侵检测的特殊需求,在此基础上设计了一个分布式协同入侵检测系统(DCIDS),文中具体介绍了系统的四个组成部分;传感器、分析器、管理器和用户界面,并讨论了系统实现中的通信、与网络管理系统的集成、入侵检测点的选择等关键技术问题。
|
| 关 键 词: | 网络安全 分布式协同入侵检测 网络管理 认证 访问控制 计算机网络 |
| 文章编号: | 1000-1220(2001)06-0646-04 |
DISTRIBUTED COOPERATIVE INTRUSION DETECTION: ARCHITECTURE DESIGN AND IMPLEMENTATION ISSUES |
| |
| DUAN,Hai,xin,WU,Jian,ping.DISTRIBUTED COOPERATIVE INTRUSION DETECTION: ARCHITECTURE DESIGN AND IMPLEMENTATION ISSUES[J].Mini-micro Systems,2001,22(6):646-650. |
| |
| Authors: | DUAN Hai xin WU Jian ping |
| |
| Abstract: | An integrated method for classifying existing intrusion detection technology is proposed firstly in this paper. Based on the requirement analysis of intrusion detection in large scale, multiple domain environments, an architecture for distributed cooperative intrusion detection system(DCIDS) is presented. Four components of this architecture, sensor, analyzer, manager and user interface are described , and some key issues are discussed, including efficiency and security of communication , integration with network management systems, and selection of detection placement. |
| |
| Keywords: | Network security Distributed cooperative intrusion detection Network management Authentication Access control |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
