| 基于漏洞扫描的入侵检测规则屏蔽方法研究 |
| |
| 引用本文: | 张春瑞,王开云,高行宇,赵伟锋.基于漏洞扫描的入侵检测规则屏蔽方法研究[J].计算机应用与软件,2008,25(7). |
| |
| 作者姓名: | 张春瑞 王开云 高行宇 赵伟锋 |
| |
| 作者单位: | 中国工程物理研究院,计算机应用研究所,四川,绵阳,621900 |
| |
| 摘 要: | 网络入侵检测系统的规则数在不断地增加,规则匹配的过程越来越复杂.在高速网络的环境下,NIDS(Network Intrusion Detection System)难以适应,产生漏检.将漏洞扫描与入侵检测进行融合,通过对保护对象扫描,找出存在的漏洞,根据漏洞信息将无用的规则屏蔽.实验结果表明,可以大量减少无用的检测规则;同时可以减少相应的警报信息.提高了检测效率、降低丢包率.
|
| 关 键 词: | 入侵检测 漏洞扫描 屏蔽规则 |
STUDY ON MASKING INTRUSION DETECTION RULES BASED ON VULNERABILITY SCANNING |
| |
| Zhang Chunrui,Wang Kaiyun,Gao Xingyu,Zhao Weifeng.STUDY ON MASKING INTRUSION DETECTION RULES BASED ON VULNERABILITY SCANNING[J].Computer Applications and Software,2008,25(7). |
| |
| Authors: | Zhang Chunrui Wang Kaiyun Gao Xingyu Zhao Weifeng |
| |
| Affiliation: | Zhang Chunrui Wang Kaiyun Gao Xingyu Zhao Weifeng(Institute of Computer Application,China Academy of Engineering Physics,Mianyang 621900,Sichuan,China) |
| |
| Abstract: | Rules of Network Intrusion Detection System(NIDS) are increasing,and rules' matching course is also becoming more complicated.NIDS is hardly to accommodate to this circumstances in high-speed network and often loses packets in detection.To integrate vulnerability scanning and NIDS is an effective method.Vulnerability scanning checks the protected object and finds its vulnerable information,and then NIDS masks useless rules according to the checked information.The experiment indicates that NIDS can reduce lo... |
| |
| Keywords: | Intrusion detection Vulnerability scanner Marking rules |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
