共查询到20条相似文献,搜索用时 78 毫秒
1.
Snort报文嗅探和报文解析实现的剖析 总被引:2,自引:0,他引:2
Snort是目前最受关注的一个代码开放网络入侵检测系统(NIDS)。报文嗅探是其最基本也是最重要的部分。该文分析了Snort报文嗅探器的工作方式和工作过程,对Snort报文嗅探和报文解析的实现进行了分析。 相似文献
2.
如何在高速网络环境下实现线速的报文捕获以及上层的安全应用,一直是研究的热点。前期用内存映射和零拷贝等方法实现了基于千兆网卡的高速报文捕获平台NACP,在此基础上,通过使用IP地址的分布与系统资源的使用情况等作为检测参数,在snort工具上实现了防DDoS攻击的入侵检测系统。在NACP上的实验表明,改进的DDoS入侵检测工具snort与高速报文捕获平台兼容性良好,发生DDoS时能迅速检测到并且做出恰当的回应。由于使用了高速报文捕获平台,DDoS检测占用系统资源明显减少,很大程度上提高了系统的效率,系统可以在入侵检测的同时处理其他的事务。 相似文献
3.
4.
传统报文捕获平台性能影响因素分析 总被引:3,自引:0,他引:3
目前网络带宽日益增大,普通网络报文捕获平台已经成为大规模宽带网络的入侵检测系统,宽带网络防火墙,高性能路由器等工程的瓶颈。对于日益发展的高速网络,迫切需要分析出普通报文捕获平台的性能瓶颈,研究出高速通信接口,以便有效地提高主机服务器的响应速度。 相似文献
5.
Snort数据包捕获性能的分析与改进 总被引:4,自引:0,他引:4
基于Snort的入侵检测系统运行在Linux操作系统平台,捕获数据包的工作是借助Libpcap由Linux操作系统内核完成的。要提高入侵检测系统的效率,首先要保证捕获数据包的效率。本文对Linux的数据包捕获机制进行分析,然后利用NAPI技术和内存映射技术对Snort进行改进。试验结果表明,使用NAPI和内存映射技术后,Snort系统的性能得到明显的改善。 相似文献
6.
在网络入侵检测系统中,通常需要在内存中开辟缓冲区对网络报文进行采集和分析,但是传统的读写缓冲区的互斥机制在高速网络环境中的效率都不甚理想,无法满足对高速IDS系统的性能需求。该文提出的一种基于并发锁机制的双缓冲区互斥机制可以改善传统锁机制的资源利用率,很好地解决了报文到达流和报文处理能力之间的性能瓶颈问题,显著地提高了IDS系统的性能。 相似文献
7.
8.
9.
基于Linux系统的报文捕获技术研究 总被引:6,自引:0,他引:6
网络带宽的不断增加对报文捕获技术提出了挑战。在对Linux系统下传统报文捕获机制深入剖析的基础上,量化分析了报文捕获过程中的性能瓶颈。针对性能瓶颈提出了优化和改进捕包性能的方案。 相似文献
10.
基于以太网的数据监听方法研究与实现 总被引:2,自引:0,他引:2
纪彦星 《计算机与数字工程》2010,38(8):160-164
数据监听是网络数据分析的基础,网络报文捕获作为数据监听的关键技术,被广泛的应用于分布式实时控制系统、网络故障分析、入侵检测系统、计算机取证系统等领域。通过对网络数据监听原理、报文捕获技术的总结和分析,研究了在不同应用环境下实现网络监听的方法,并对网络数据监听技术最新发展情况进行了介绍。 相似文献
11.
S. Shaw 《Journal of Computer Assisted Learning》1993,9(2):93-99
Abstract This paper describes an approach to the design of interactive multimedia materials being developed in a European Community project. The developmental process is seen as a dialogue between technologists and teachers. This dialogue is often problematic because of the differences in training, experience and culture between them. Conditions needed for fruitful dialogue are described and the generic model for learning design used in the project is explained. 相似文献
12.
European Community policy and the market 总被引:1,自引:0,他引:1
C. Lloyd 《Journal of Computer Assisted Learning》1993,9(2):86-91
Abstract This paper starts with some reflections on the policy considerations and priorities which are shaping European Commission (EC) research programmes. Then it attempts to position the current projects which seek to capitalise on information and communications technologies for learning in relation to these priorities and the apparent realities of the marketplace. It concludes that while there are grounds to be optimistic about the contribution EC programmes can make to the efficiency and standard of education and training, they are still too technology driven. 相似文献
13.
融合集成方法已经广泛应用在模式识别领域,然而一些基分类器实时性能稳定性较差,导致多分类器融合性能差,针对上述问题本文提出了一种新的基于多分类器的子融合集成分类器系统。该方法考虑在度量层融合层次之上通过对各类基多分类器进行动态选择,票数最多的类别作为融合系统中对特征向量识别的类别,构成一种新的自适应子融合集成分类器方法。实验表明,该方法比传统的分类器以及分类融合方法识别准确率明显更高,具有更好的鲁棒性。 相似文献
14.
Wayne O’Brien Author Vitae 《Journal of Systems and Software》2008,81(11):1997-2013
Development of software intensive systems (systems) in practice involves a series of self-contained phases for the lifecycle of a system. Semantic and temporal gaps, which occur among phases and among developer disciplines within and across phases, hinder the ongoing development of a system because of the interdependencies among phases and among disciplines. Such gaps are magnified among systems that are developed at different times by different development teams, which may limit reuse of artifacts of systems development and interoperability among the systems. This article discusses such gaps and a systems development process for avoiding them. 相似文献
15.
This paper presents control charts models and the necessary simulation software for the location of economic values of the control parameters. The simulation program is written in FORTRAN, requires only 10K of main storage, and can run on most mini and micro computers. Two models are presented - one describes the process when it is operating at full capacity and the other when the process is operating under capacity. The models allow the product quality to deteriorate to a further level before an existing out-of-control state is detected, and they can also be used in situations where no prior knowledge exists of the out-of-control causes and the resulting proportion defectives. 相似文献
16.
Going through a few examples of robot artists who are recognized worldwide, we try to analyze the deepest meaning of what
is called “robot art” and the related art field definition. We also try to highlight its well-marked borders, such as kinetic
sculptures, kinetic art, cyber art, and cyberpunk. A brief excursion into the importance of the context, the message, and
its semiotics is also provided, case by case, together with a few hints on the history of this discipline in the light of
an artistic perspective. Therefore, the aim of this article is to try to summarize the main characteristics that might classify
robot art as a unique and innovative discipline, and to track down some of the principles by which a robotic artifact can
or cannot be considered an art piece in terms of social, cultural, and strictly artistic interest.
This work was presented in part at the 13th International Symposium on Artificial Life and Robotics, Oita, Japan, January
31–February 2, 2008 相似文献
17.
David Poole 《Computational Intelligence》1989,5(2):97-110
Although there are many arguments that logic is an appropriate tool for artificial intelligence, there has been a perceived problem with the monotonicity of classical logic. This paper elaborates on the idea that reasoning should be viewed as theory formation where logic tells us the consequences of our assumptions. The two activities of predicting what is expected to be true and explaining observations are considered in a simple theory formation framework. Properties of each activity are discussed, along with a number of proposals as to what should be predicted or accepted as reasonable explanations. An architecture is proposed to combine explanation and prediction into one coherent framework. Algorithms used to implement the system as well as examples from a running implementation are given. 相似文献
18.
Watts S. Humphrey 《Annals of Software Engineering》2002,14(1-4):39-72
This paper provides the author's personal views and perspectives on software process improvement. Starting with his first work on technology assessment in IBM over 20 years ago, Watts Humphrey describes the process improvement work he has been directly involved in. This includes the development of the early process assessment methods, the original design of the CMM, and the introduction of the Personal Software Process (PSP)SM and Team Software Process (TSP){SM}. In addition to describing the original motivation for this work, the author also reviews many of the problems he and his associates encountered and why they solved them the way they did. He also comments on the outstanding issues and likely directions for future work. Finally, this work has built on the experiences and contributions of many people. Mr. Humphrey only describes work that he was personally involved in and he names many of the key contributors. However, so many people have been involved in this work that a full list of the important participants would be impractical. 相似文献
19.
基于复小波噪声方差显著修正的SAR图像去噪 总被引:4,自引:1,他引:3
提出了一种基于复小波域统计建模与噪声方差估计显著性修正相结合的合成孔径雷达(Synthetic Aperture Radar,SAR)图像斑点噪声滤波方法。该方法首先通过对数变换将乘性噪声模型转化为加性噪声模型,然后对变换后的图像进行双树复小波变换(Dualtree Complex Wavelet Transform,DCWT),并对复数小波系数的统计分布进行建模。在此先验分布的基础上,通过运用贝叶斯估计方法从含噪系数中恢复原始系数,达到滤除噪声的目的。实验结果表明该方法在去除噪声的同时保留了图像的细节信息,取得了很好的降噪效果。 相似文献
20.
R. NOSS 《Journal of Computer Assisted Learning》1987,3(1):2-12
Abstract This paper considers some results of a study designed to investigate the kinds of mathematical activity undertaken by children (aged between 8 and 11) as they learned to program in LOGO. A model of learning modes is proposed, which attempts to describe the ways in which children used and acquired understanding of the programming/mathematical concepts involved. The remainder of the paper is concerned with discussing the validity and limitations of the model, and its implications for further research and curriculum development. 相似文献