| 入侵检测中的自适应模式匹配技术 |
| |
| 引用本文: | 高朝勤,陈元琰,李梅.入侵检测中的自适应模式匹配技术[J].计算机工程,2009,35(6):170-172. |
| |
| 作者姓名: | 高朝勤 陈元琰 李梅 |
| |
| 作者单位: | 广西师范大学计算机科学与信息工程学院,桂林,541004 |
| |
| 摘 要: | 模式匹配既是网络入侵检测系统(NIDS)的核心技术,也是NIDS中消耗资源最多的部分,并正在成为NIDS的性能瓶颈。现有的模式匹配算法大多采用静态定义的优化策略,没有考虑网络流量和入侵检测规则的特性。该文提出一种自适应的模式匹配算法AMPM,动态统计网络流量和规则组的特性,根据统计结果自动选择最合适的模式匹配算法。测试表明,AMPM使现有NIDS的性能提高了9.4%-29.1%,且对于大规则集具有更好的适应性。
|
| 关 键 词: | 自适应 模式匹配 入侵检测 网络安全 |
| 修稿时间: | |
Adaptive Pattern Matching Technology for Intrusion Detection |
| |
| GAO Chao-qin,CHEN Yuan-yan,LI Mei.Adaptive Pattern Matching Technology for Intrusion Detection[J].Computer Engineering,2009,35(6):170-172. |
| |
| Authors: | GAO Chao-qin CHEN Yuan-yan LI Mei |
| |
| Affiliation: | College of Computer Science and Information Engineering;Guangxi Normal University;Guilin 541004 |
| |
| Abstract: | Pattern matching computations dominate in the overall cost of running a Network Intrusion Detection System(NIDS). With network speed and the number of rules constantly increasing, pattern matching as a key component, is becoming the bottleneck in NIDS. Existing approaches to match pattern mostly apply statically-defined optimizations that do not take into account the characteristics of the network traffic and attack signatures. This paper proposes an adaptive multi-pattern matching algorithm specifically de... |
| |
| Keywords: | adaptive pattern matching intrusion detection network security |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程》浏览原始摘要信息 |
|
点击此处可从《计算机工程》下载全文 |
