| 基于骨干网的并行集群入侵检测系统 |
| |
| 引用本文: | 杨武,方滨兴,云晓春,张宏莉. 基于骨干网的并行集群入侵检测系统[J]. 哈尔滨工业大学学报, 2004, 36(3): 273-276 |
| |
| 作者姓名: | 杨武 方滨兴 云晓春 张宏莉 |
| |
| 作者单位: | 哈尔滨工业大学,国家计算机内容信息安全重点实验室,黑龙江,哈尔滨,150001;国家计算机网络与信息安全管理中心,北京,100031 |
| |
| 基金项目: | 国家高技术研究发展计划资助项目(2002AA142020). |
| |
| 摘 要: | 骨干网的大流量要求实现骨干网入侵检测系统必须改变传统的入侵检测系统结构模型并采用高效的入侵检测技术,在对骨干网入侵检测系统的关键技术进行深入研究的基础上,设计并实现了一种适用于骨干网的基于规则的入侵检测系统BNIDS(Backbone Network Intrusion Detection System),讨论了BNIDS系统的并行集群检测模型、报文捕获机制和基于规则的分析引擎,试验结果表明,可扩展的BNIDS系统能够对骨干网流量进行实时入侵检测分析。
|
| 关 键 词: | 入侵检测 网络安全 负载平衡 报文捕获 多模式匹配 |
| 文章编号: | 0367-6234(2004)03-0273-04 |
| 修稿时间: | 2003-05-15 |
A parallel cluster intrusion detection system for backbone network |
| |
| YANG Wu,FANG Bin-xing,YUN Xiao-Chun,ZHANG Hong-li. A parallel cluster intrusion detection system for backbone network[J]. Journal of Harbin Institute of Technology, 2004, 36(3): 273-276 |
| |
| Authors: | YANG Wu FANG Bin-xing YUN Xiao-Chun ZHANG Hong-li |
| |
| Abstract: | In order to change the traditional intrusion detection system architecture modei by adopting some ef ficient intrusion detection techniques in an intrusion detection system (IDS) for backbone network, based on in-depth research on the key techniques of the IDS for backbone network, the design and implementation of a rule-based intrusion detection system for backbone network-BNIDS ( Backbone Network Intrusion Detection System) , are discussed with emphasis on the parallel cluster detection modei, packet capture mechanism and rule-based analysis engine. The results -of experiments indicate that the scalable BNIDS can do the real-time intrusion detection in a backbone network. |
| |
| Keywords: | intrusion detection network security load balance packet capture multi-pattern matching |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
