| 面向入侵检测的网络安全监测实现模型 |
| |
| 引用本文: | 龚俭,董庆,陆晟.面向入侵检测的网络安全监测实现模型[J].小型微型计算机系统,2001,22(2):145-148. |
| |
| 作者姓名: | 龚俭 董庆 陆晟 |
| |
| 作者单位: | 东南大学计算机系 南京 210096 |
| |
| 基金项目: | 本课题受“863-317-01-03-99’课题资助 |
| |
| 摘 要: | 本文提出了一种面向入侵监测的网络安全监测模型,它由数据采集、决策分析和分析机三个独立的部分以层次方式构成,能够对已知的网络入侵方式进行有效地实时监测。文章给出了基于安全分析机概念和安全知识表达方法,并对扫描(scan),terdrop,land等常见攻击方式进行了特征刻划,此外,论文还对安全监测系统设计中应当考虑的问题,如报警问题进行了讨论。
|
| 关 键 词: | 入侵检测 报警机制 网络安全监测系统 计算机网络 |
| 文章编号: | 1000-1220(2001)02-0145-04 |
AN IMPLEMENTATION MODEL OF
NETWORK MONITORING FOR MISUSE DETECTION |
| |
| GONG,Jian,DONG,Qing,LU,Sheng.AN IMPLEMENTATION MODEL OF
NETWORK MONITORING FOR MISUSE DETECTION[J].Mini-micro Systems,2001,22(2):145-148. |
| |
| Authors: | GONG Jian DONG Qing LU Sheng |
| |
| Affiliation: | Computer Department of Southeast University Nanjing 210096 |
| |
| Abstract: | An implementation model of network monitoring for misuse detection is proposed in this paper. The model contains three hierarchically related functional components: data collecting, analysis decision, and analyzer, which can be effectively used to detect known misuses in a real time way. A security knowledge expression method based on the concept of analyzer is introduced, and is applied to three well known attacks, scan, teardrop, and land as examples. Some other implementation issues like response mechanism are mentioned as well. |
| |
| Keywords: | Network security Network monitoring Misuse detection Scan Teardrop Land Response mechant |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
