| 入侵检测技术研究与系统设计 |
| |
| 引用本文: | 杨向荣,宋擒豹,沈钧毅.入侵检测技术研究与系统设计[J].计算机工程与应用,2001,37(16):1-4. |
| |
| 作者姓名: | 杨向荣 宋擒豹 沈钧毅 |
| |
| 作者单位: | 西安交通大学计算机科学与技术系, |
| |
| 基金项目: | 国家863高技术项目(编号:863-306-QN2000-5),西安交通大学科学研究基金资助 |
| |
| 摘 要: | 入侵检测技术是一种主动保护网络资源免受黑客攻击的安全技术。入侵检测系统监控受保护系统的使用情况,发现不安全状态。它不仅帮助系统对付外来网络攻击,还可以查知内部合法用户的非法操作,扩展了系统管理员的安全管理能力。入侵检测为系统提供了实时保护,被认为是防火墙之后的第二道安全闸门。文章讲述了入侵检测技术的发展状况和关键技术,对现有系统进行了分类,并指出了该技术面临的一些挑战。最后提出了一种基于数据挖掘技术的具有自学习、自完善功能的入侵检测模型,可发现已知和未知的滥用入侵和异常入侵活动。
|
| 关 键 词: | 入侵检测 数据挖掘 计算机信息安全 |
| 文章编号: | 1002-8331-(2001)16-0001-04 |
| 修稿时间: | 2001年3月1日 |
Research on the Intrusion Detection Technology and A System's Design |
| |
| Abstract: | : Intrusion detection technology is an active security technology which can prevent the network components from being attacked by hackers.Intrusion detection system(IDS)monitors the usage of protected systems,detects insecure states.It can not only help coping with external attacks but also detects the misuse of the legitimate users.IDS extends the security administrator's ability.IDS offers real-time protection to systems and is considered as the second line of defence behind firewall.In this paper we introduce the development and key technologies of IDS,give a taxonomy of present systems,point out some challenges this technology faced.At last we present a datamining-based IDS model which has the functions of self-learning and self-completing,it can detect the known and novel intrusion activities. |
| |
| Keywords: | : Intrusion detection,Data mining,Computer information security |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
