| 面向入侵检测系统的通用应用层协议识别技术研究 |
| |
| 引用本文: | 刘元勋 徐秋亮 云晓春. 面向入侵检测系统的通用应用层协议识别技术研究[J]. 山东工业大学学报, 2007, 37(1): 65-69 |
| |
| 作者姓名: | 刘元勋 徐秋亮 云晓春 |
| |
| 作者单位: | [1]山东大学计算机科学与技术学院,山东济南250061 [2]哈尔滨工业大学计算机科学与技术系,黑龙江哈尔滨100029 |
| |
| 摘 要: | 网络环境的不断发展和网络应用的不断加入使得协议分析和入侵检测的难度不断增大,同时造成了误报和漏报的不断发生.在进行协议分析和入侵检测以前首先对应用层协议进行识别并分别对不同协议采用不同的分析手段,可以极大的提高协议分析和入侵检测的可靠性.提出了一种通用的应用层协议识别技术并将其应用到入侵检测系统上,通过实验验证了其可用性和可靠性.
|
| 关 键 词: | 协议识别 入侵检测 多模式匹配 |
| 文章编号: | 1672-3961(2007)01-0065-05 |
| 修稿时间: | 2006-10-25 |
Research on IOSlfaced generallpurpose applicationllevel protocol identification technology |
| |
| LIU Yuan-xun, XU Qiu-liang, YUN Xiao-chun. Research on IOSlfaced generallpurpose applicationllevel protocol identification technology[J]. Journal of Shandong University of Technology, 2007, 37(1): 65-69 |
| |
| Authors: | LIU Yuan-xun XU Qiu-liang YUN Xiao-chun |
| |
| Affiliation: | 1. School of Computer Science and Technology, Shandong University, Jinan 250061, China; 2. Department of Computer Science and Technology, Harbin Institute of Technology, Harbin 100029, China |
| |
| Abstract: | With the ceaseless developing of the computer network environment and strengthening of network application, it becomes more and more difficult to analyze protocol and detect intrusion. In addition, report mistakes and pretermission happen frequently. The reliability of protocol analysis and intrusion detection can be improved greatly by identifying application-level protocol and analyzing different protocols with different methods before protocol analysis and intrusion detection. A general-purpose application-level protocol identification technology is proposed and applied to an intrusion detection system, whose usability and reliability are proved by the experimentation. |
| |
| Keywords: | protocol identification intrusion detection multi-pattern match |
| 本文献已被 维普 等数据库收录! |
