| 基于ECA规则的入侵检测研究 |
| |
| 引用本文: | 高秀峰,胡昌振. 基于ECA规则的入侵检测研究[J]. 计算机工程, 2005, 31(16): 132-134 |
| |
| 作者姓名: | 高秀峰 胡昌振 |
| |
| 作者单位: | 北京理工大学机电工程学院,北京100081;北京理工大学机电工程学院,北京100081 |
| |
| 摘 要: | 入侵检测系统一般只对入侵行为所引起的事件或系统特征进行分析,而往往忽略了入侵事件间的关联特征,以及入侵事件和系统状态间的联系。文章将ECA规则引入到入侵检测系统中,同时对系统动态特性和静态特性进行了分析,从而提高入侵检测的能力。
|
| 关 键 词: | 入侵检测 ECA规则 入侵事件 |
| 文章编号: | 1000-3428(2005)16-0132-03 |
| 收稿时间: | 2004-06-26 |
| 修稿时间: | 2004-06-26 |
Study of Intrusion Detection Based on ECA Rule |
| |
| Gao xiufeng,HU Changzhen. Study of Intrusion Detection Based on ECA Rule[J]. Computer Engineering, 2005, 31(16): 132-134 |
| |
| Authors: | Gao xiufeng HU Changzhen |
| |
| Abstract: | Currently, the intrusion detection system only analyzes system signature or events resulted by intrusion behavior. But it ignores the conjunction among intrusion events and the relation between intrusion event and system state. The ECA rules are applied to IDS in this paper. When dynamic characteristic and static characteristic are analyzed at the same time, the capability of IDS is greatly improved. |
| |
| Keywords: | Intrusion detection ECA rule Intrusion events |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
