| 基于APT攻击的网络检测系统算法优化 |
| |
| 引用本文: | 蔡晶晶,郑学智. 基于APT攻击的网络检测系统算法优化[J]. 计算技术与自动化, 2019, 38(3): 147-150,156 |
| |
| 作者姓名: | 蔡晶晶 郑学智 |
| |
| 作者单位: | 武汉邮电科学研究院,湖北武汉,430074;武汉烽火通信科技有限公司,湖北武汉,430074 |
| |
| 摘 要: | 以Snort为核心,以分层分布式网络为框架构建基于APT攻击的入侵检测模块的防御系统,并提出了一套新的OTN动态匹配算法。首先,介绍了APT攻击的特点。然后提出了一套针对APT攻击的基于Snort的防御检测模型,并在Snort原有的三步动态调节算法的基础上,提出了一个新的动态匹配算法。最后,用原有的动态匹配算法与改进型动态匹配算法做对比实验,对最终结果进行对比分析。得出结论,采用新型动态匹配算法的分布式网络检测系统对网络安全防护的功能有明显的提高。
|
| 关 键 词: | 入侵检测 SNORT APT 匹配算法 |
Algorithm Optimization of Network Detection System Based on APT Attack |
| |
| CAI Jing-jing,ZHENG Xue-zhi. Algorithm Optimization of Network Detection System Based on APT Attack[J]. Computing Technology and Automation, 2019, 38(3): 147-150,156 |
| |
| Authors: | CAI Jing-jing ZHENG Xue-zhi |
| |
| Affiliation: | (Wuhan Research Institude of Posts and Telecommunications,Wuhan,Hubei 430074,China;Wuhan Fiberhome Network Technology Company Limited,Wuhan,Hubei 430074,China) |
| |
| Abstract: | This paper takes snort as the core and builds the defense system of APT attack-based intrusion detection module based on hierarchical distributed network, and proposes a new OTN dynamic matching algorithm.Firstly, the characteristics of APT attacks are introduced.Then a set of snort-based defense detection model for APT attacks is proposed.Based on the original three-step dynamic adjustment algorithm of snort, a new dynamic matching algorithm is proposed.Finally, a new dynamic matching algorithm is proposed.Using the original dynamic matching algorithm and the new dynamic matching algorithm to do the contrast experiment, the final result is compared and analyzed.and the conclusion is that the distributed network detection model using the new dynamic matching algorithm can better meet the needs of network security protection. |
| |
| Keywords: | intrusion detection Snort APT matching algorithm |
| 本文献已被 维普 万方数据 等数据库收录! |
|
