| 一种面向检测的攻击分类方法及在IDS中的应用 |
| |
| 引用本文: | 向尕,曹元大.一种面向检测的攻击分类方法及在IDS中的应用[J].计算机工程,2004,30(11):94-95,173. |
| |
| 作者姓名: | 向尕 曹元大 |
| |
| 作者单位: | 1. 北京理工大学计算机科学工程系,北京,100081
2. 北京理工大学,软件学院,北京,100081 |
| |
| 摘 要: | 对攻击进行分类,可以使攻击检测系统化,有助于构造高效的检测方法,从而改善IDS的性能。该文提出一种以IDS可直接收集的数据为基础、面向检测的攻击分类方法。进而将该方法应用于所有可在IDS网络数据源中检测出的攻击,提出DetectClass分类方法,用Z语言描述并证明其正确性;接着据此构造相应的检测方法。基于DetectClass攻击分类方法,设计开发原型系统DC-NIDS。
|
| 关 键 词: | 入侵检测系统 面向检测的攻击分类 检测方法 |
| 文章编号: | 1000-3428(2004)11-0094-02 |
A Detection-oriented Attack Classification and Its Application in IDS |
| |
| XIANG Ga,CAO Yuanda.A Detection-oriented Attack Classification and Its Application in IDS[J].Computer Engineering,2004,30(11):94-95,173. |
| |
| Authors: | XIANG Ga CAO Yuanda |
| |
| Affiliation: | XIANG Ga1,CAO Yuanda2 |
| |
| Abstract: | Attack classification helps to build efficient and realtime intrusion detection method. In this paper, a detection-oriented attack classification method, based on data that IDS can collect directly, is proposed. Then the method is applied to classify attack that can be detected through network packet. DetectClass attack classification method is presented, and corresponding detection method is given. At last, a prototype system is designed and implemented. |
| |
| Keywords: | Intrusion detection system(IDS) Detection-oriented attack classification Detection method |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
