| 入侵检测系统报警信息融合模型的设计与实现 |
| |
| 引用本文: | 郑挺,胡华平. 入侵检测系统报警信息融合模型的设计与实现[J]. 计算机应用研究, 2004, 21(8): 95-98 |
| |
| 作者姓名: | 郑挺 胡华平 |
| |
| 作者单位: | 国防科学技术大学,计算机学院,湖南,长沙,410073;国防科学技术大学,计算机学院,湖南,长沙,410073 |
| |
| 基金项目: | 国家“863”高技术研究发展项目(2001AA142030) |
| |
| 摘 要: | 开展入侵检测系统报警信息融合技术的研究,对解决目前入侵检测系统(IDS)存在的误报、漏报、报警信息难管理、报警信息层次低等问题,以及提高网络预警能力等均具有十分重要的意义。首先分析了目前入侵检测系统存在的问题,提出了进行报警信息融合的必要性,最后提出并实现了一个入侵检测系统报警信息融合的可视化模型。
|
| 关 键 词: | 入侵检测(IDS) 报警信息融合 网络预警 关联 |
| 文章编号: | 1001-3695(2004)08-0095-04 |
| 修稿时间: | 2003-08-14 |
Design and Implementation of Intrusion Detection System Alerts Fusion Model |
| |
| ZHENG Ting,HU Hua-ping. Design and Implementation of Intrusion Detection System Alerts Fusion Model[J]. Application Research of Computers, 2004, 21(8): 95-98 |
| |
| Authors: | ZHENG Ting HU Hua-ping |
| |
| Affiliation: | (School of Computer Science,National University of Defense Technology,Changsha Hunan 410073,China) |
| |
| Abstract: | It is very important to study the technologies of IDS (Intrusion Detection System) alerts fusion,which can resolve the problems of current IDS,such as false positive, false negative,management hardly,creating alerts in low level,and it can increase network warning ability.Some problems in current IDS and necessity of doing alerts fusion are presented.An IDS alerts fusion visible model is presented,which provides solid base for passing check and acceptance successfully. |
| |
| Keywords: | Intrusion Detection System (IDS) Alerts Fusion Network Warning Correlation |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机应用研究》浏览原始摘要信息 |
|
点击此处可从《计算机应用研究》下载全文 |
|
