| 一个基于系统调用的主机入侵检测系统的传感器实现方案 |
| |
| 引用本文: | 邵萍,彭勤科.一个基于系统调用的主机入侵检测系统的传感器实现方案[J].计算机工程与应用,2003,39(26):119-121,128. |
| |
| 作者姓名: | 邵萍 彭勤科 |
| |
| 作者单位: | 西安交通大学系统工程研究所网络化系统与信息安全实验室,西安,710049 |
| |
| 基金项目: | 国家863高技术研究发展计划(编号:2001AA140213)资助 |
| |
| 摘 要: | linux系统调用信息对于描述主机系统的安全状态有重要的作用,论文分析了linux系统调用信息在入侵检测中的应用;阐述了入侵检测系统HostKeeper中系统调用传感器的原形框架、软件设计和实现方法;并给出了利用linux系统调用信息进行入侵检测的实验结果。
|
| 关 键 词: | linux系统调用 入侵检测 网络安全 异常检测 |
| 文章编号: | 1002-8331-(2003)26-0119-03 |
Sensor Implementation of Host Instrusion Detection System Based on System Call |
| |
| Shao Ping Peng Qinke.Sensor Implementation of Host Instrusion Detection System Based on System Call[J].Computer Engineering and Applications,2003,39(26):119-121,128. |
| |
| Authors: | Shao Ping Peng Qinke |
| |
| Abstract: | The information of linux system call plays an important role in describing the security state of computer system.There are more and more attentions put in this research area.This paper analyzes the utility of system call infor-mation in intrusion detection,discusses the prototype architecture,software design and realizing method of system call sensor in intrusion detection system HostKeeper,and gives the experiment result of HostKeeper in intrusion detection. |
| |
| Keywords: | linux system call intrusion detection network security abnormity detection |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
