| Snort入侵检测系统中数据包捕获模块的分析与设计 |
| |
| 引用本文: | 李康,辛阳,朱洪亮.Snort入侵检测系统中数据包捕获模块的分析与设计[J].信息网络安全,2012(10):23-28. |
| |
| 作者姓名: | 李康 辛阳 朱洪亮 |
| |
| 作者单位: | 北京邮电大学信息安全中心,北京 100876 |
| |
| 基金项目: | 中央高校基本科研业务费专项资金[2012RC0215、2012RC0216] |
| |
| 摘 要: | 随着网络的高速发展,网络带宽得到了极大的提升。高速网络环境下对入侵检测系统提出了更高的要求,其中入侵检测系统的数据包捕获能力成为其发展的瓶颈。目前大多数系统使用传统的Libpcap库来实现数据包捕获功能,文章对一个基于Snort入侵检测系统中数据包捕获模块进行了分析设计,给出了设计架构,详细说明了工作流程,并对系统的性能进行了对比分析。
|
| 关 键 词: | 入侵检测 Snort PF_RING 零拷贝 NAPI 数据包采 |
Analysis and Design of Packet Capture Module in Intrusion Detection System based on Snort |
| |
| LI Kang,XIN Yang,ZHU Hong-liang.Analysis and Design of Packet Capture Module in Intrusion Detection System based on Snort[J].Netinfo Security,2012(10):23-28. |
| |
| Authors: | LI Kang XIN Yang ZHU Hong-liang |
| |
| Affiliation: | (Information Security Center,Beijing University of Posts and Telecommunications,Beijing 100876,China) |
| |
| Abstract: | With the rapid development of the network,network bandwidth has been greatly improved.In high speed network environment,higher requirement is needed to the Intrusion Detection System(IDS).The packet capture capability of IDS has become the bottleneck to enhance the system performance.At present most IDS apply Libpcap to capture packet.This paper analyzes and designes an packet caputure module in IDS based on Snort,and then shows the design structure and work process.At last this paper analyzes the system performance by comparison. |
| |
| Keywords: | intrusion detection snort PF_RING zero copy NAPI packet capture |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
