| 网络深层防御体系模型的研究和实现 |
| |
| 引用本文: | 李菲,乔佩利.网络深层防御体系模型的研究和实现[J].微机发展,2008,18(2):159-162. |
| |
| 作者姓名: | 李菲 乔佩利 |
| |
| 作者单位: | 哈尔滨理工大学计算机科学与技术学院 黑龙江哈尔滨150080 |
| |
| 基金项目: | 国家社会公益研究专项(2005DIB2J218) |
| |
| 摘 要: | 针对单一技术在安全防御上存在的缺陷.提出了一个基于三层防御机制的网络安全防御体系模型。该体系有机结合了防火墙、NIPS、基于异常的入侵检测、蜜罐等多种安全技术深层抵御入侵,各组件通过传递XML信息互相协作。首先对网络的安全和结构进行分析,在此基础上给出了体系模型并说明了模型的工作流程.对涉及的关键技术做了探讨,给出了蠕虫攻击实验测试系统的性能。实验结果证明该体系不仅能阻断已知攻击,对未知攻击也做到了有效防御。
|
| 关 键 词: | 防火墙 入侵检测 蜜罐 NIPS XML |
| 文章编号: | 1673-629X(2008)02-0159-04 |
| 修稿时间: | 2007年7月11日 |
Research and Implementation of Network Defense In- Depth System Model |
| |
| LI Fei,QIAO Pei-li.Research and Implementation of Network Defense In- Depth System Model[J].Microcomputer Development,2008,18(2):159-162. |
| |
| Authors: | LI Fei QIAO Pei-li |
| |
| Affiliation: | LI Fei, QIAO Pei-li(Computer Science and Technology College, Harbin Univ, of Sci. and Tech,, Harbin 150080,China) |
| |
| Abstract: | Focusing on the defects of the single technology on security prevention,proposed a network defense system model based on the three-level defense mechanism.The model that organically joined firewall,NIPS,AIDS,honeypot and so on had resisted attack in-depth,components cooperated by transmiting XML message.Firstly,the design thought of the security prevention system was described in the paper,and based on the thought,the architecture and workflow of the model was presented,and then the relevant sore technology was discussed.Lastly the worm attack experiment was presented to test the performance of the system.The experiment proved that the model not only blocked the known attack but also achieved the effective defense to the unknown attack. |
| |
| Keywords: | firewall intrusion detection honeypot NIPS XML |
| 本文献已被 CNKI 维普 等数据库收录! |
|
