| 高效串匹配型入侵检测系统 |
| |
| 引用本文: | 张邈,徐辉,潘爱民. 高效串匹配型入侵检测系统[J]. 计算机工程, 2003, 29(19): 104-105,130 |
| |
| 作者姓名: | 张邈 徐辉 潘爱民 |
| |
| 作者单位: | 北京大学计算机科学技术研究所文字信息处理技术国家重点实验室,北京,100871 |
| |
| 基金项目: | 国家“863”基金资助项目(863-301-06-03) |
| |
| 摘 要: | 针对当前串匹配型入侵检测系统普遍面临的效率问题,从规则库结构、串匹配算法及应用层协议分析等方面入手进行优化,设计并实现了高效率的串匹配型入侵检测系统speedIDs,并将测试结果与Snort系统进行了对比。
|
| 关 键 词: | 入侵检测 串匹配 规则库 协议分析 |
| 文章编号: | 1000-3428(2003)19-0104-02 |
An Efficient Content-based Intrusion Detection System |
| |
| ZHANG Miao,XU Hui,PAN Aimin. An Efficient Content-based Intrusion Detection System[J]. Computer Engineering, 2003, 29(19): 104-105,130 |
| |
| Authors: | ZHANG Miao XU Hui PAN Aimin |
| |
| Abstract: | The efficiency of content-based intrusion detection systems, the structure of the signature library, the string matching algorithms and the analysis of application level protocols, has been regarded as the most crucial topic for extensive research. This paper introduces SpeedlDS, an efficient experimental content-based IDS. After an overview on several important aspects of design and implementation in which SpeedlDS distinguishes itself from other IDSs are particularly discussed. Experiments are also presented to test the effectiveness and results are proved promising by excelling Snort, a famous and widely used IDS. |
| |
| Keywords: | Intrusion detection String matching Signature library Protocol analysis |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
