基于Snort的DHCP Flood攻击检测 |
| |
引用本文: | 侯向宁,高岭.基于Snort的DHCP Flood攻击检测[J].电脑开发与应用,2010,23(6):42-44. |
| |
作者姓名: | 侯向宁 高岭 |
| |
作者单位: | 1. 成都理工大学工程技术学院,四川乐山,614007 2. 西北大学信息科学与技术学院,西安,710127 |
| |
摘 要: | Snort是一个功能强大的轻量级的NIDS,它能够检测出各种不同的攻击方式,并能对攻击进行实时警报。然而,Snort对DHCP Flood攻击的检测存在着明显的缺陷。在入侵检测系统Snort的基础上,通过设计预处理插件,实现了对DHCP Flood攻击的检测。
|
关 键 词: | DHCP Flood Snort NIDS |
The Detection for DHCP Flood based on Snort |
| |
Abstract: | Snort is one of a light weight, powerful NIDS. It can detect many different attack behviors, and then give a real-time alarm. However, Snort has a clear defect about DHCP Flood detection. In this paper, we expand preprocessor plug-ins to achieve detection the DHCP Flood based on the Snort NIDS. |
| |
Keywords: | DHCP Flood Snort NIDS |
本文献已被 维普 万方数据 等数据库收录! |
|