| 协议分析技术检测复杂攻击的研究与实现 |
| |
| 引用本文: | 杜宁,刘胜辉.协议分析技术检测复杂攻击的研究与实现[J].哈尔滨理工大学学报,2006,11(5):79-82. |
| |
| 作者姓名: | 杜宁 刘胜辉 |
| |
| 作者单位: | 哈尔滨理工大学,计算机科学与技术学院,黑龙江,哈尔滨,150080 |
| |
| 摘 要: | 针对传统NIDS所采用简单模式匹配技术存在的弊端,介绍协议分析技术在入侵检测中的应用.依据协议攻击特征和协议的状态信息,提出协议分析与状态转移相结合的检测方法,并以实例说明此方法检测拒绝服务等多步骤复杂攻击的有效性.
|
| 关 键 词: | NIDS 协议分析 状态转移 |
| 文章编号: | 1007-2683(2006)05-0079-04 |
| 修稿时间: | 2005年11月15 |
Research and Implementation of Detecting Complex Attract Using Protocol Analysis |
| |
| DU Ning,LIU Sheng-hui.Research and Implementation of Detecting Complex Attract Using Protocol Analysis[J].Journal of Harbin University of Science and Technology,2006,11(5):79-82. |
| |
| Authors: | DU Ning LIU Sheng-hui |
| |
| Abstract: | Aiming at solving the flaw of simply pattern matching used in traditional NIDS,this paper recommends the application of protocol analysis technology used in NIDS.According to the pattern of protocol-attacks and protocol state information,it brings forward a new method that unites protocol analysis and state transition,and illustrates how it is applied in detecting Denial of Service(DoS) attacks. |
| |
| Keywords: | NIDS protocol-analysis state-transition |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
