| 基于状态协议分析的网络入侵检测技术 |
| |
| 引用本文: | 王庆生,张秀荣. 基于状态协议分析的网络入侵检测技术[J]. 电脑开发与应用, 2007, 20(4): 55-57 |
| |
| 作者姓名: | 王庆生 张秀荣 |
| |
| 作者单位: | 太原理工大学,太原,030024;太原理工大学,太原,030024 |
| |
| 摘 要: | 协议分析是网络入侵检测技术中的一种关键技术,但不能解决对于包含在多个数据包中的攻击。针对这一问题,提出了基于状态协议分析的检测技术,构建一个有限自动机(Finite Automaton,简称FA)来约束网络,并用由正则表达式产生的语言来描述一系列的正常的状态转化,充分利用协议的状态信息检测入侵。
|
| 关 键 词: | 协议分析 状态协议分析 入侵检测 自动机 |
| 文章编号: | 1003-5850(2007)04-0055-03 |
| 收稿时间: | 2006-10-11 |
| 修稿时间: | 2006-10-112007-02-21 |
Network Intrusion Detection Technique based on State Protocol Analysis |
| |
| Wang Qingsheng. Network Intrusion Detection Technique based on State Protocol Analysis[J]. Computer Development & Applications, 2007, 20(4): 55-57 |
| |
| Authors: | Wang Qingsheng |
| |
| Abstract: | The protocol analysis is an essential technique in network intrusion detection. But the technique doesn’t resolve the attacks which have involved many packages. Aiming at the problem, this paper puts forward network intrusion detection techniques based on state protocol analysis. The technique sets up a finite automaton (FA) to control a network and describes a series of normal state conversion by the type language of regular expression. It proposes an intrusion detection technique that takes full advantage of the protocol state information for detecting intrusion. |
| |
| Keywords: | protocol analysis state protocol analysis intrusion detection automaton |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
