| 一种基于协议分析的入侵检测模型的设计 |
| |
| 引用本文: | 袁卫华,傅光轩,鲁梦.一种基于协议分析的入侵检测模型的设计[J].网络安全技术与应用,2005(12):24-26. |
| |
| 作者姓名: | 袁卫华 傅光轩 鲁梦 |
| |
| 作者单位: | 贵州大学计算机网络研究所,贵州,550025 |
| |
| 摘 要: | 本文在对TCP/IP协议以及各种网络入侵攻击进行深入分析研究的基础上,设计了一种基于协议分析的同时使用异常检测和误用检测技术的网络入侵检测模型,并给出了实现思想,其中重点介绍了利用协议分析思想对TCP数据包进行入侵检测的具体算法思想和数据结构。基于协议分析将异常检测和误用检测方法有效结合不仅可以检测到大多数已知的攻击类型,而且可以发现大量未知的攻击类型,提高检测的准确性和效率。
|
| 关 键 词: | 入侵检测 误用检测 异常检测 协议分析 TCP数据包 |
A Design of An Anomaly and Misuse Intrusion Detection Model Base on Protocol Analysis |
| |
| Yuan Weihua,Fu Guangxuan,Lu Meng.A Design of An Anomaly and Misuse Intrusion Detection Model Base on Protocol Analysis[J].Net Security Technologies and Application,2005(12):24-26. |
| |
| Authors: | Yuan Weihua Fu Guangxuan Lu Meng |
| |
| Affiliation: | Yuan Weihua,Fu Guangxuan,Lu Meng Institute of Network,Department of Computer Science and Engineering,Guizhou University,Guizhou,550025 |
| |
| Abstract: | With the thorough study of the TCP\IP protocols and multifarious network intrusions and attacks,a kind of anomaly and misuse intrusion detection system based on protocol analysis is introduced in this article.The intrusion detection arithmetic and data structure are mainly illustrated here based on protocol analysis.The effective combination of the two kinds of technologies using protocol analysis ways can not only detect many kinds of known attacks,but also a number of unknown attack types,and can improve the accuracy and efficiency at the same time. |
| |
| Keywords: | lntrusion detection Misuse detection anomaly detection protocol analysis TCP data package |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
