| 入侵检测系统中应用层协议的并行重组 |
| |
| 引用本文: | 杨宏宇,谢丽霞,赵晓玲.入侵检测系统中应用层协议的并行重组[J].计算机工程,2005,31(23):141-142,150. |
| |
| 作者姓名: | 杨宏宇 谢丽霞 赵晓玲 |
| |
| 作者单位: | 中国民航学院软件研究中心,天津,300300;中国民航学院天津市智能信号与图像处理重点实验室,天津,300300;天津大学电信学院,天津,300072;中国民航学院软件研究中心,天津,300300;天津大学电信学院,天津,300072 |
| |
| 基金项目: | 国家自然科学基金资助项目(60472125);国家“863”计划基金资助项目(2002AA142010);中国民航总局科技基金资助项目(MR0421815);中国民航学院科技基金资助项目(K25025);天津市智能信号与图像处理重点实验室开放基金资助项目 |
| |
| 摘 要: | 针对传统入侵检测系统的不足之处,将并行算法引入到应用层报文重组过程,提出了应用层协议自适应外行重组的设计思想。提出了报文并行重组的算法思想、体系结构和实现环境。系统山探测器、任务分配器、重组结点和控制台组成。并行重组过程主要包括Master和Slave两部分,Master程序运行在任务分配器上,负责任务的分配和调度,Slave程序运行在各个重组结点上,完成对链表中报文的重组。试验结果证明了该重组并行方法具有较高的效率和较低的丢包率。
|
| 关 键 词: | 入侵检测 报文重组 并行 |
| 文章编号: | 1000-3428(2005)23-0141-02 |
| 收稿时间: | 2004-11-18 |
| 修稿时间: | 2004-11-18 |
Parallel Reassembling of Application Layer Protocol in IDS |
| |
| YANG Hongyu,XIE Lixia,ZHAO Xiaoling.Parallel Reassembling of Application Layer Protocol in IDS[J].Computer Engineering,2005,31(23):141-142,150. |
| |
| Authors: | YANG Hongyu XIE Lixia ZHAO Xiaoling |
| |
| Affiliation: | 1. Software Research and Development Center, Civil Aviation University of China, Tianjin 300300; 2. Tianjin Key Lab for Advanced Signal Processing, CAUC, Tianjin 300300; 3. School of Electronic Information Engineering, Tianjin University, Tianjin 300072 |
| |
| Abstract: | This paper introduces parallel computing into reassembling process, and presents the parallel reassembling algorithm in application layer aiming at the weakness of traditional IDS. The system consists of task distributor, reassembling nodes and console. The reassembling process includes two parts, master and slave. The master program on task distributor implements task allocation and scheduling, the slave program on each reassembling node completes packet reassembling with linked list. The experimental result shows that this parallel reassembling method has high efficiency and low packet dropping rate. |
| |
| Keywords: | Intrusion detection Packet reassembling Parallel |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
