| 审计跟踪与入侵检测 |
| |
| 引用本文: | 刘美兰 姚克松. 审计跟踪与入侵检测[J]. 计算机工程与应用, 1999, 35(7): 12-15 |
| |
| 作者姓名: | 刘美兰 姚克松 |
| |
| 作者单位: | 郑州信息工程学院!郑州,450002,北京北方计算中心!北京,100091 |
| |
| 摘 要: | 大多数操作系统、数据库系统及应用系统都提供了某种审计机制,但由于缺乏对于系统审计信息进行实时处理的技术和能力,往往只是在通过其他途径发现入侵或犯罪迹象之后才来分析系统的审计信息,使审计信息仅仅作为一种事后的证据。这样便浪费了这些对于保障信息系统安全具有重大意义的宝贵资源。因此,将审计跟踪与实时预警结合起来,实现实时的入侵检测是非常有意义的。该文分析了当前根据审计跟踪进行入侵检测的方法和特点,提出利用神经网络进行入侵检测的优势所在。
|
| 关 键 词: | 审计 审计跟踪 入侵检测 |
Audit Trail and Intrusion Detection |
| |
| Liu Meilan. Audit Trail and Intrusion Detection[J]. Computer Engineering and Applications, 1999, 35(7): 12-15 |
| |
| Authors: | Liu Meilan |
| |
| Abstract: | Most existing operating systems .database systems and application systems provide certain auditing mechnisms. However, because of the laek of technique and capibility of processing audit log real-timely, audit trail is only used as an after-the-fact evidence. This wastes the valuable resource which is very important for computer security. To combine audit trail with pre-alert to intrusion detection is very helpful for security monitoring. We describe and evaluate current approaches to intrusion detection and then propose a way of intrusion detection in which neural network is applied and give its adventages over other intrusion detection systems. |
| |
| Keywords: | audit audit trail intrusion detection |
| 本文献已被 CNKI 维普 等数据库收录! |
