基于蜜罐技术的网络入侵检测系统协作模型的研究与实现 |
| |
引用本文: | 禹谢华. 基于蜜罐技术的网络入侵检测系统协作模型的研究与实现[J]. 佳木斯工学院学报, 2009, 0(6): 860-863 |
| |
作者姓名: | 禹谢华 |
| |
作者单位: | 福建师范大学闽南科技学院,福建泉州362332 |
| |
摘 要: | 针对当前互联网中传统的入侵检测系统无法对未知攻击作出有效判断,而造成信息误报和漏报的问题,从入侵检测和蜜罐的基本特点出发,提出了一种基于蜜罐技术的网络入侵检测系统协作模型,通过引诱黑客入侵,记录入侵过程,研究攻击者所使用的工具、攻击策略和方法等,提取出新的入侵规则,并实时添加到IDS规则库中,以提高IDS检测和识别未知攻击的能力,进一步提升网络的安全性能.
|
关 键 词: | 蜜罐 网络入侵检测 协作模型 网络安全 |
Research and Implement Based on Cooperation Model of Honeypot and Intrusion Detection System |
| |
Affiliation: | YU Xie - hua ( Minnan Science and Technology Institute, Fujian Normal University, Quanzhou 362332, China) |
| |
Abstract: | For the current internet,the traditional intrusion detection system can't judge an unknown attacker effectively,which leads to false positive or failure to report the information. From the intrusion detection and the basic characteristics of honeypot,a cooperation model of network intrusion detection system based on honeypot technology is put forward.By luring hackers' intrusion,the invasion process is recorded,and the tools,attack strategies and methods used by the attacker are researched to extract the invasion of new rules which are real-time added to the IDS rule base in order to improve IDS detection and identification of unknown attack capabilities and farther enhance network security. |
| |
Keywords: | honeypot network intrusion detection cooperation model network security |
本文献已被 维普 等数据库收录! |
|