基于网络入侵检测的分析与研究

首先从网络入侵检测的概念、方法和入侵检测系统的分类入手,分析与总结了目前入侵检测系统和相关技术,指出现在的入侵检测系统存在的缺点一误报和漏报的矛盾、海量信息与分析代价的矛盾等.最后探讨了入侵检测技术的发展方向.     

MANET入侵检测技术的研究

移动自组网(MANET)是由移动节点自组织形成的无线网络,由于其动态拓扑的特点,容易遭受各种安全威胁,而入侵检测技术能有效地保障移动自组网的安全.对已有的分级入侵检测技术进行分析,提出一种基于区域分级的入侵检测系统(IDS),避免了对节点的重复监控及尺寸小的簇的形成,减少了节点的运算负荷与通信负荷,提高了簇头的稳定性,避免簇头频繁选举带来更多的资源消耗.     

基于入侵检测技术的MANET安全研究

入侵检测系统可显著提高移动自组网络的安全水平。文中分析了MANET的IDS的特点,并对IDS一些典型安全方案的研究现状进行分类阐述,分析了各种方案的优点和缺点。阐明目前研究存在的问题,并提出了相应的改进方法,且讨论了后续的研究方向。     

入侵检测相关技术的研究

首先对入侵检测技术的研究背景进行阐述,然后对入侵检测系统的有关技术、网络入侵检测技术、评价入侵检测系统的指标和CIDF标准框架进行了深入研究。其中对于入侵检测系统详细地讲解了基于主机的入侵检测系统和基于网络的入侵检测系统;对于入侵检测技术深入讲解了误用检测技术、异常检测技术和混合检测技术;对于入侵检测性能指标详细讲解了漏报和误报、系统负荷、检测延迟时间和抗攻击能力。最后对网络入侵检测技术的未来发展方向进行了展望。     

面向集群计算机的入侵检测系统设计

随着网络技术的飞速发展,高速网络不断涌现,这对入侵检测技术提出了更高的要求.而传统的网络入侵检测系统一般只能处理百兆以下的网络流量.为了应对高速网下的入侵检测,文中通过调研和分析,建立面向集群系统的入侵检测系统理论框架和系统结构,详尽介绍了该系统的总体结构,并着重讨论了它的实现及关键技术.     

浅谈入侵检测技术

随着网络软硬件的发展,入侵检测技术也得到发展.文章概述了入侵检测系统,讨论了其优缺点,并提出了入侵检测技术的发展趋势.     

基于层次化的入侵检测模型研究

随着互联网络的广泛应用,网络信息量迅速增长,网络安全问题日趋突出,入侵检测已经成为网络安全的重要组成部分.针对传统的入侵检测模型所存在的已知系统漏洞或攻击方法的知识缺陷,分析了当前入侵检测系统所存在的诸多问题,提出了基于入侵检测策略的层次化入侵检测模型,该模型可以监视已知入侵和检测未知入侵,对网络入侵检测系统的设计有一定参考价值,对综合解决网络安全问题是一个有益的探索.     

基于 Agent 和聚类分析的网络入侵检测研究

为了解决现有的入侵检测系统响应网络环境慢、需要较多人工干预的局限,采用智能体技术和聚类分析设计一种新的网络入侵检测方法.使用智能体技术实现入侵检测系统的分布式设计,利用分层的控制智能体实现入侵检测系统的自主控制,同时使用基于模糊 C 均值算法的数据挖掘技术对网络数据进行检测分析,并利用加权算法对模糊 C 均值算法进行改进,提高系统的检测能力.结果表明,该系统能够减少人工干预,对网络环境响应较快,入侵检测性能也得到了提高.     

入侵防御系统(IPS)的技术研究及其实现

入侵防御系统是网络安全领域为弥补防火墙及入侵检测系统(Intrusion Detection System)的不足而新发展起来的一种计算机信息安全技术.不同的入侵防御系统实现的方式各不一样,但其共同点是综合了防火墙防御功能和入侵检测系统的网络数据包检测功能,紧密实现了上述两安全系统的互动互利,对受保护网络进行更为完善的保护.论述了入侵防御系统的两种体系结构,并对其中的关键技术作了介绍.在最后提出了一个入侵防御原型系统的实现方式以供探讨.     

免疫机制在网络入侵检测系统中的应用

在对现有的入侵检测系统和生物免疫系统进行研究的基础上,对基于免疫的入侵检测模型进行了探讨,得出改进现有入侵检测系统的方法,将生物免疫系统的原理、结构和算法,应用于网络入侵检测系统的设计与实现.     

Using group mobility and multihomed mobile gateways to connect mobile ad hoc networks to the global IP Internet

Connecting multihop mobile ad hoc wireless networks (MANETs) to the Internet would enable MANET nodes to share wireless Internet access with mobile hosts that are one‐hop away from their foreign networks. The integration of MANETs and the global Internet, however, faces an obstacle due to their network architectural mismatches regarding their infrastructure, topology, and mobility management mechanisms. Solutions to the integration problem should introduce an intermediate facility with hybrid mechanism, enabling it to connect to both networks. The quality of the multihop wireless Internet access service provided to MANET nodes depends on the design quality of this facility in order for MANET nodes to enjoy their Internet connectivity anywhere and anytime without much disconnections. In this paper, we propose hierarchical architecture that uses group mobility and multihomed mobile gateways, and present and analyse different simulations results. A multihomed mobile gateway can simultaneously connect to multiple Mobile IP foreign agents, provided it is located within their overlapping coverage area. It runs updated versions of the destination‐sequenced distance vector (DSDV) and Mobile IP protocols, and is responsible for providing MANET nodes with wireless Internet access though they are multiple wireless hops away from the edge of the Internet. The rationale behind using multihoming is to increase reliability of the Internet access service and enhance performance of the integrated network. Copyright © 2006 John Wiley & Sons, Ltd.     

Friend-assisted intrusion detection and response mechanisms for mobile ad hoc networks

Nowadays, a commonly used wireless network (i.e., Wi-Fi) operates with the aid of a fixed infrastructure (i.e., an access point) to facilitate communication between nodes. The need for such a fixed supporting infrastructure limits the adaptability and usability of the wireless network, especially in situations where the deployment of such an infrastructure is impractical. Recent advancements in computer network introduced a new wireless network, known as a mobile ad hoc network (MANET), to overcome the limitations. Often referred as a peer to peer network, the network does not have any fixed topology, and through its multi hop routing facility, each node can function as a router, thus communication between nodes becomes available without the need of a supporting fixed router or an access point. However, these useful facilities come with big challenges, particularly with respect to providing security. A comprehensive analysis of attacks and existing security measures suggested that MANET are not immune to a colluding blackmail because such a network comprises autonomous and anonymous nodes. This paper addresses MANET security issues by proposing a novel intrusion detection system based upon a friendship concept, which could be used to complement existing prevention mechanisms that have been proposed to secure MANETs. Results obtained from the experiments proved that the proposed concepts are capable of minimising the problem currently faced in MANET intrusion detection system (IDS). Through a friendship mechanism, the problems of false accusations and false alarms caused by blackmail attackers in intrusion detection and response mechanisms can be eliminated.     

Gateway load balancing using multiple QoS parameters in a hybrid MANET

A Mobile ad hoc network (MANET) is a self configurable wireless network in which mobile nodes communicate with each other in a multihop fashion without any pre-installed infrastructure. A MANET can be considered to be a standalone network. To enhance the connectivity of a MANET it can be connected to the fixed network, thus forming a heterogeneous network. The integration of MANET and the Internet is called a hybrid MANET which is facilitated by special nodes called Internet gateway nodes. Load balancing among gateways is a challenging task when a MANET is connected to Internet. Gateway nodes with higher loads will lead to disconnected networks and depletes the node’s resources which include their batteries, memory and bandwidth quickly. Gateway selection based on the shortest path may increase traffic concentration on one particular gateway which leads to congestion and increases delay in the network. In this paper a QoS based load balancing mechanism has been proposed among multiple gateway nodes that provide communication between mobile nodes and fixed nodes in the Internet to select lightly loaded gateways so that more packets will be delivered to the fixed host in the Internet. The proposed QoS based scheme selects four QoS parameters that are (1) connecting degree, (2) interface queue length, (3) routing table entries and (4) hop count. A weight based method is used to select the gateway which combines all four QoS metrics. Simulation results demonstrate that when compared with individual parameter, the average ETE delay, queue size and traffic load of gateway generated by proposed algorithm is decreased by 17, 25 and 15 % respectively and when compared with existing schemes, the average ETE delay, queue size and traffic load of gateway is decreased by 25, 25 and 16 % respectively.     

Ad Hoc与Internet互连的动态网关方案

移动Ad Hoe网络(MANET)是一种自治的、不需要固定基础设施的网络.将MANET与Internet连接可以扩展MANET的应用,实现资源共享,扩大网络的覆盖范围.文中提出一种具有三个层次的MANET与Internet互连的动态网关方案,把动态网关作为连接MANET和Internet的界面.最后文中通过仿真试验,动态网关方案使混合网络的性能得到了提高.     

A survey of current architectures for connecting wireless mobile ad hoc networks to the Internet

Connecting wired and wireless networks, and particularly mobile wireless ad hoc networks (MANETs) and the global Internet, is attractive in real‐world scenarios due to its usefulness and praticality. Because of the various architectural mismatches between the Internet and MANETs with regard to their communication topology, routing protocols, and operation, it is necessary to introduce a hybrid interface capable of connecting to the Internet using Mobile IP protocol and to MANETs owing to an ad hoc routing protocol. Specifically, the approaches available in the literature have introduced updated versions of Mobile IP agents or access points at the edge of the Internet to help MANET nodes get multi‐hop wireless Internet access. The main differences in the existing approaches concern the type of ad hoc routing protocol as well as the switching algorithm used by MANET nodes to change their current Mobile IP agents based on specific switching criteria. This paper surveys a variety of approaches to providing multi‐hop wireless Internet access to MANET nodes. Copyright © 2006 John Wiley & Sons, Ltd.     

A Two-Tier Heterogeneous Mobile Ad Hoc Network Architecture and Its Load-Balance Routing Problem

The mobile ad hoc network (MANET) has attracted a lot of interest recently. However, most of the existing works have assumed a stand-alone MANET. In this paper, we propose a two-tier, heterogeneous MANET architecture which can support Internet access. The low tier of the network consists of a set of mobile hosts each equipped with a IEEE 802.11 wireless LAN card. In order to connect to the Internet and handle the network partitioning problem, we propose that the high tier is comprised of a subset of the mobile hosts, called gateways, which can access to cellular/infrastructure networks. The high tier is heterogeneous in the sense that the network interfaces in the gateway hosts could be IEEE 802.11 cards, PHS handsets, or GPRS handsets characterized by different bandwidths and latencies. Observing that the gateways could become the bottlenecks of the two-tier network, we propose a set of solutions, namely boundary-moving, host-partitioning, and probabilistic solutions, to solve the load-balance routing issue. Implementation issues/concerns of these schemes are discussed. Simulation results are presented to compare these load-balance routing schemes.     

MANET中的关键技术探讨

由于移动自组网(MANET)具有多跳的无线连接、动态拓扑及有限带宽等特征,给其路由协议带来了很多挑战.文中简要介绍了MANET的概念、特点,重点分析了MANET中的关键技术(无线资源管理与空中接口理论技术.路由技术、互联网接入技术、地址自动分配技术、域名系统和服务质量保证技术),同时对无线资源管理与空中接口理论技术、域名系统及服务质量保证技术的实现进行了简单的推测.     

移动自组网与Internet互连的动态网关策略

移动自组网(MANET)是自治的无基础设施的网络,它通过IP路由支持多跳无线通信。它与Internet 相比存在着许多差异,不仅有网络拓扑结构的不同,还存在通信方式的不同。因此,MANET与Internet组合成混杂网络(hybrid network)是一个具有挑战性的课题。移动自组网(MANET)的结点要进行Internet连接,就必须寻找Internet网关。如何寻找和维持与Internet网关的连接是这个问题的关键,再者,就是如何切换到一个更合适的相邻网关。在这篇文章中,首次提出动态网关的概念,动态网关作为MANET和Internet之间的接口起桥梁作用。通过模型分析,证明动态网关体系结构适合于自组网与Internet互联。仿真结果显示,利用动态网关的网络性能优于单一固定网关的体系结构的网络性能。     

移动自组网的单播地址自动分配方案

移动自组网（MANET）是无固定基础设施的无线网络,具有多跳、拓扑结构动态变化、带宽、能量有限等特点。因此常规的地址配置方案,如动态主机配置（DHCP）并不适于MANET。MANET中的节点可以借助IPv6的自动配置机制,利用MAC地址或随机号来自动配置其地址。丈中对几种基于IPv6的MANET单播地址自动分配方案进行了讨论,从地址唯一性、简单性、适应性、健壮性等方面进行了综合比较。对移动自组网的地址分配方案提出了一些建议,并指出了进一步研究的问题。     

移动自组织网与有线网融合技术研究与展望

随着移动自组织网络(MANET)组网技术的不断成熟,MANET路由协议与传统Internet路由协议的融合已经成为网络互联的重要内容,成为影响组网效率的决定性因素.本文分别对移动自组织网络作为末端网和承载网的互联技术进行了研究,并在此基础上提出了基于无线栅格网络(wireless mesh networl,WMN)结构的未来移动互联技术的演进方案,对WMN的路由协议进行了有意义的探讨.