| 基于TCP/IP的入侵检测评测技术研究 |
| |
| 引用本文: | 李庆华,孟中楼,童健华.基于TCP/IP的入侵检测评测技术研究[J].计算机工程与应用,2004,40(6):147-149,167. |
| |
| 作者姓名: | 李庆华 孟中楼 童健华 |
| |
| 作者单位: | 华中科技大学国家高性能计算中心,武汉,430074 |
| |
| 基金项目: | 国家自然科学基金资助(编号:62027307) |
| |
| 摘 要: | 入侵检测系统的评测是入侵检测研究的一个重要方面。论文研究TCP/IP协议下如何利用协议的脆弱性按层次生成评测数据,在此基础上提出了分段混合评测的入侵检测评测方法。该方法的主要思想是数据混合和评测分段。相对以往的评测方法,由于数据混合,它的评测数据更丰富、更接近现实环境,而且可以自由添加;由于评测分段,简化了评测的实现,对正常网络的干扰很小,能够生成一些特定网络中无法生成的攻击。
|
| 关 键 词: | 入侵检测 TCP/IP IDS评测 BPF模型 脆弱性 分段混合评测 |
| 文章编号: | 1002-8331-(2004)06-0147-03 |
A Research on Methodology for Testing IDS Based on TCP/IP |
| |
| Li,Qinghua Meng Zhonglou Tong Jianhua.A Research on Methodology for Testing IDS Based on TCP/IP[J].Computer Engineering and Applications,2004,40(6):147-149,167. |
| |
| Authors: | Li Qinghua Meng Zhonglou Tong Jianhua |
| |
| Abstract: | IDS test is an important aspect to research in Intrusion Detection System.The authors research how to create the data for testing hiberarchy according to the vulnerability of TCP/IP at first.Based on this research,the authors give a method for testing IDS called Staged-Mixed-Test.The main ideal of this method is staged-test and mixed data for testing.Compared with other methods for test,its test data is richer and more real for its mixed data.It's more simple to be realized and it has less interference to real network for its staged-test.It can test attacks which couldn't be created in special network. |
| |
| Keywords: | Intrusion Detection TCP/IP IDS Testing BPF Vulnerability Staged-Mixed-Test |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
