| 基于联系分析的Linux shell入侵检测方案 |
| |
| 引用本文: | 何倩,王勇,王子民.基于联系分析的Linux shell入侵检测方案[J].桂林电子科技大学学报,2003,23(6):18-21. |
| |
| 作者姓名: | 何倩 王勇 王子民 |
| |
| 作者单位: | 桂林电子工业学院,网络中心,广西,桂林,541004 |
| |
| 基金项目: | 广西教育厅基金项目(D200126) |
| |
| 摘 要: | 随着计算机网络的发展,网络安全已成为现代计算机系统的一个重要研究课题,入侵检测技术是实现网络安全的主要技术之一。Linuxshell广泛应用于网络安全领域,出现了基于脚本的入侵检测技术。入侵检测数据之间具有耦合性、关联性和复杂性,只对单个日志进行分析的常规脚本检测容易导致漏报。基于Linux操作系统,采取联系分析的方法对黑客入侵特征进行检测,并运用一个脚本程序对这个方案进行了实验和分析。
|
| 关 键 词: | Linux主机 入侵检测 联系分析 安全shell |
| 文章编号: | 1001-7437(2003)06-18-04 |
| 修稿时间: | 2003年11月10 |
Linux Shell Intrusion Detection Subject Based on Relation Analysis |
| |
| HE Qian,WANG Yong,WANG Zi-min.Linux Shell Intrusion Detection Subject Based on Relation Analysis[J].Journal of Guilin Institute of Electronic Technology,2003,23(6):18-21. |
| |
| Authors: | HE Qian WANG Yong WANG Zi-min |
| |
| Abstract: | With the rapid expansion of computer networks during the past few years, security has become a crucial issue for modern computer systems, and intrusion detection is an important security technology. Linux shell is widely used in the network security field including intrusion detection system. There is some relationship between the data for detection, so the normal shell which only checks a log may fail to report intrusion information. The paper uses a relation analysis method to detect hacker intrusion signatures, and gives a shell program on Linux to experiment and analyze the subject. |
| |
| Keywords: | linux host intrusion detection relation analysis secure shell |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
