| 基于Netfilter框架的分布式网络入侵检测系统 |
| |
| 引用本文: | 吴仲,刘衍珩,田大新,张元媛.基于Netfilter框架的分布式网络入侵检测系统[J].计算机应用,2007,27(6):1353-1355. |
| |
| 作者姓名: | 吴仲 刘衍珩 田大新 张元媛 |
| |
| 作者单位: | 吉林大学计算机科学与技术学院 吉林长春130012 |
| |
| 基金项目: | 高等学校博士学科点专项科研项目 |
| |
| 摘 要: | 针对网络入侵检测系统(NIDS)的处理速度无法跟上网络通讯及其数量的增长速度,提出了基于Netfilter的分布式NIDS系统和负载均衡算法,在Netfilter上实现了数据包的分流,使得分配到每一个NIDS的数据包的集合是一个特定攻击的特征集合。实验表明,分布式NIDS中每个NIDS的负载基本相等,漏检率减少到了单个NIDS的1/4。
|
| 关 键 词: | 网络入侵检测系统 分布式 Netfilter 负载均衡 |
| 文章编号: | 1001-9081(2007)06-1353-03 |
| 收稿时间: | 2006-12-18 |
| 修稿时间: | 2006-12-18 |
Distributed network intrusion detection system based on Netfilter |
| |
| WU Zhong,LIU Yan-heng,TIAN Da-xin,ZHANG Yuan-yuan.Distributed network intrusion detection system based on Netfilter[J].journal of Computer Applications,2007,27(6):1353-1355. |
| |
| Authors: | WU Zhong LIU Yan-heng TIAN Da-xin ZHANG Yuan-yuan |
| |
| Affiliation: | College of Computer Science and Technology, Jilin University, Changchun Jilin 130012, China |
| |
| Abstract: | The processing speed of Network Intrusion Detection systems (NIDS) is still low compared with the speed of networks. As a result, few NIDS are applicable in a high-speed network. A distributed NIDS for high-speed networks was presented in this paper. The overall traffic was divided into small slices based on Netfilter, and the algorithm of load balancing was given to ensure that a single slice contained all the necessary evidence to detect a specific attack. The results of experiments show that the packets are almost equally scattered to all NIDS, and the percentage of missed rate declined to 1/4 of single NIDS. |
| |
| Keywords: | Network Intrusion Detection System (NIDS) distributed Netfilter load balancing |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机应用》浏览原始摘要信息 |
|
点击此处可从《计算机应用》下载全文 |
