
Research and Implementation of Hybrid Intrusion Detection System based on Snort
Cite this article: LI Wenlong, YU Kai, QU Baosheng. Research and Implementation of Hybrid Intrusion Detection System based on Snort[J]. Computer Study, 2012, 2(3): 23-28,32
Authors: LI Wenlong    YU Kai    QU Baosheng
Affiliation: 1. China Mobile Group Telecommunication Design Institute Co., Ltd. Heilongjiang Branch, Harbin 150080, China; 2. Harbin Institute of Technology Network & Information Center, Harbin 150001, China
Abstract: Building on an analysis of the strengths and weaknesses of Snort, and taking advantage of its open-source code and plug-in support, this paper addresses Snort's inability to detect newly emerging intrusions, its high false-negative rate and its low detection speed. It combines Snort with data mining techniques used in intrusion detection and proposes a hybrid intrusion detection system model based on Snort. The model extends Snort's original system model with additional functional modules: a normal behavior model construction module, an anomaly detection module, a classifier module and a dynamic rule generation module. The improved hybrid intrusion detection system can update its detection rule library in real time and so detect new intrusion attacks; it also provides both misuse detection and anomaly detection, which improves the system's detection efficiency.

Keywords: Snort System  Intrusion Detection  Data Mining  Rules Learning
This article is indexed in databases including VIP (维普) and Wanfang Data (万方数据).