| 基于统计阈值的Snort规则集动态产生的设计与实现 |
| |
| 引用本文: | 任丙忠,孔文焕.基于统计阈值的Snort规则集动态产生的设计与实现[J].计算机与现代化,2012(2):165-167,175. |
| |
| 作者姓名: | 任丙忠 孔文焕 |
| |
| 作者单位: | [1]山东科技大学电气信息系,山东济南250031 [2]济南职业外语学校,山东济南250021 |
| |
| 摘 要: | Snort作为开源的入侵检测系统,利用定义的静态规则集合实现对网络的入侵事件的检测。本文分析入侵检测系统的基本原理和模型,阐述Snort入侵检测系统部署到网络时,其静态规则集的配置方法,根据统计流量阈值和告警频率阈值动态产生动态规则集的方法,改进并提高了部署Snort应有的灵活性。
|
| 关 键 词: | 入侵检测系统 规则集 动态配置 Snort |
Design and Realization of Dynamic Rule Sets of Snort Based on Threshold of Statistics |
| |
| REN Bing-zhong,KONG Wen-huan.Design and Realization of Dynamic Rule Sets of Snort Based on Threshold of Statistics[J].Computer and Modernization,2012(2):165-167,175. |
| |
| Authors: | REN Bing-zhong KONG Wen-huan |
| |
| Affiliation: | 1.Department of Electrical Engineering and Information,Shandong University of Science and Technology,Ji'nan 250031,China; 2.Ji'nan Vocational College of Foreign Language,Ji'nan 250021,China) |
| |
| Abstract: | Snort is an open-source intrusion detection system.It detects intrusion with the static rule sets.The paper analyses the rationale and model of intrusion detection system.It introduces how to configure the static rule sets of Snort,describes a method of making dynamic rule sets according to the threshold of statistics flow and the threshold of alert frequency,this method improves and enhances the deployment of flexibility Snort should have. |
| |
| Keywords: | intrusion detection system(IDS) rule set dynamic configuration Snort |
| 本文献已被 CNKI 维普 等数据库收录! |
