| 融合漏洞扫描的入侵检测系统模型的研究 |
| |
| 引用本文: | 段丹青,陈松乔,杨卫平.融合漏洞扫描的入侵检测系统模型的研究[J].微机发展,2006,16(5):131-133. |
| |
| 作者姓名: | 段丹青 陈松乔 杨卫平 |
| |
| 作者单位: | 中南大学信息科学与工程学院,中南大学信息科学与工程学院,中南大学信息科学与工程学院 湖南长沙410083,湖南公安高等专科学校,湖南长沙410006,湖南长沙410083,湖南长沙410083,湖南公安高等专科学校,湖南长沙410006 |
| |
| 基金项目: | 湖南省教育厅青年项目(03B009) |
| |
| 摘 要: | 目前大部分入侵检测系统(IDS)采用基于模式匹配的入侵检测方法,该方法由于计算量大,因而在高速网络中检测效率较低。文章提出一种新的融合漏洞扫描功能的IDS模型,通过定期对系统进行漏洞扫描,及时修补系统安全漏洞,同时IDS根据漏洞扫描结果,对模式库进行动态更新,删除与得到修补的漏洞有关的攻击模式,缩减模式库的规模,提高检测效率。文章根据该模型提出一种基于多Agent的分布式IDS体系结构,提高了系统的可扩充性。
|
| 关 键 词: | 入侵检测 漏洞扫描 模式匹配 多Agent |
| 文章编号: | 1673-629X(2006)05-0131-03 |
| 修稿时间: | 2005年10月31 |
An Intrusion Detection System Model Merged Vulnerability Scanner |
| |
| DUAN Dan-qing.An Intrusion Detection System Model Merged Vulnerability Scanner[J].Microcomputer Development,2006,16(5):131-133. |
| |
| Authors: | DUAN Dan-qing |
| |
| Affiliation: | DUAN Dan-qing~ |
| |
| Abstract: | At present,most of intrusion detection systems employed a detection mechanism:the pattern matching,but due to giant computation of this mechanism, the IDS had low efficiency in high-speed network.The paper provides a new model of IDS merged vulnerability scanner.In this model,the system is scanned by the vulnerability scanner in regular time and patched the vulnerabilities in time,according to the results of the vulnerability scanner,the IDS will delete the attack patterns related with this patch in pattern library,it will decrease the size of pattern library,improve the efficiency of the IDS.Based on this model,the paper designs an IDS architecture based on multi-agent to improve the extensibility of the system. |
| |
| Keywords: | intrusion detection vulnerability scanner pattern matching multi-agent |
| 本文献已被 CNKI 等数据库收录! |
|
