| 网络入侵检测系统规则链表的优化研究 |
| |
| 引用本文: | 赵 旭,王 伟,陈 亮.网络入侵检测系统规则链表的优化研究[J].计算机工程与应用,2015,51(20):91-96. |
| |
| 作者姓名: | 赵 旭 王 伟 陈 亮 |
| |
| 作者单位: | 西安工程大学 计算机科学学院,西安 710048 |
| |
| 摘 要: | 网络入侵检测系统在大流量下常出现较高的丢包率,针对该问题,从规则链表入手研究。针对传统链表中RTN链表过大、平均匹配长度过长的问题,提出通过增设多媒体类型结点、方向结点以及共性规则体结点对传统规则链表进行三次分解的方法来提高检测效率。通过三次分解后,系统对链表OTN结点的平均匹配长度大幅缩短。实验结果表明,使用该方法在提高网络入侵检测系统对多媒体数据检测效率的同时,还可有效降低丢包率,同时完备性也得到提高。
|
| 关 键 词: | 入侵检测 规则链表 多媒体类型结点 方向结点 共性规则体结点 |
Optimization research on rule list in network intrusion detection system |
| |
| ZHAO Xu,WANG Wei,CHEN Liang.Optimization research on rule list in network intrusion detection system[J].Computer Engineering and Applications,2015,51(20):91-96. |
| |
| Authors: | ZHAO Xu WANG Wei CHEN Liang |
| |
| Affiliation: | College of Computer Science, Xi’an Polytechnic University, Xi’an 710048, China |
| |
| Abstract: | In order to improve the detecting efficiency and reduce the rate of dropping packets of Network Intrusion Detection System(NIDS), aiming at the existing problems of oversize RTN rule list and overlength average match length in the traditional rule list, by means of adding media type nodes, direction nodes and common OTN nodes to rule list, a thrice-decomposition method is proposed. This improvement can dramatically shorten the average match length of OTN nodes in NIDS. Various experimental results show that the improvement above can not only improve the detecting efficiency of NIDS, but also reduce the rate of dropping packets. More importantly, completeness of NIDS can be greatly promoted. |
| |
| Keywords: | intrusion detection rule list media type nodes direction nodes common OTN nodes |
| 本文献已被 万方数据 等数据库收录! |
| 点击此处可从《计算机工程与应用》浏览原始摘要信息 |
|
点击此处可从《计算机工程与应用》下载全文 |
