| 一种分布式协同入侵检测系统的设计与实现 |
| |
| 引用本文: | 段海新,吴建平.一种分布式协同入侵检测系统的设计与实现[J].软件学报,2001,12(9):1375-1379. |
| |
| 作者姓名: | 段海新 吴建平 |
| |
| 作者单位: | 清华大学信息网络工程研究中心 |
| |
| 基金项目: | 国家863高科技发展计划资助项目(863-306-ZD08-01-3) |
| |
| 摘 要: | 提出了一种能够精确描述入侵检测技术的综合分类方法,针对多管理域环境设计了一个分布式协同入侵检测系统(distributedcooperativeintrusiondetectionsystem,简称DCIDS),通过不同管理域IDS(intrusiondetectionsystem)之间高效安全的通信,实现协同检测.介绍了DCIDS的系统结构和4个组成部分:传感器、分析器、管理器以及用户界面,并讨论了系统实现中的安全通信、入侵检测点的选择等关键问题.
|
| 关 键 词: | 网络安全 分布式协同入侵检测 网络管理 认证 访问控制 |
| 收稿时间: | 1999/11/17 0:00:00 |
| 修稿时间: | 1999年11月17 |
Design and Implementation of a Distributed Cooperative Intrusion Detection System |
| |
| DUAN Hai xin and WU Jian ping.Design and Implementation of a Distributed Cooperative Intrusion Detection System[J].Journal of Software,2001,12(9):1375-1379. |
| |
| Authors: | DUAN Hai xin and WU Jian ping |
| |
| Abstract: | An integrative taxonomy for intrusion detection technologies is proposed in this paper, which can specify accurately existing intrusion detection methods. Aiming at multiple-domain environments, a distributed cooperative intrusion detection system (DCIDS) is designed, which implements cooperative intrusion detection through efficient, secure information exchange among IDSes in different domain. The architecture of DCIDS is described, as well as its four components: sensor, analyzer, manager and user-interface. Some key issues are also discussed, including secure communication and selection places. |
| |
| Keywords: | network security distributed cooperative intrusion detection network management authentication access control |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《软件学报》浏览原始摘要信息 |
|
点击此处可从《软件学报》下载全文 |
