[1] DUAN Dan-qing, CHEN Song-qiao, YANG Wei-ping. An Intrusion Detection System Model Merged Vulnerability Scanner [J]. Computer Technology and Development, 2006, (05): 131-133.

An Intrusion Detection System Model Merged Vulnerability Scanner

Computer Technology and Development [ISSN: 1006-6977 / CN: 61-1281/TN]

Volume:
Issue: 2006, No. 05
Pages: 131-133
Section: Computer Security
Publication date: 1900-01-01

Article Info

Title: An Intrusion Detection System Model Merged Vulnerability Scanner
Article ID: 1673-629X(2006)05-0131-03
Author(s): DUAN Dan-qing [1,2], CHEN Song-qiao [1], YANG Wei-ping [1,2]
[1] College of Information Science and Engineering, Central South University
[2] Hunan Public Security College
Keywords: intrusion detection; vulnerability scanner; pattern matching; multi-agent
Classification number: TP393.08
Document code: A
Abstract:
At present, most intrusion detection systems (IDS) use a detection method based on pattern matching. Because of its heavy computational load, this method has low detection efficiency in high-speed networks. The paper proposes a new IDS model that incorporates vulnerability scanning. In this model, the system is scanned for vulnerabilities at regular intervals and its security vulnerabilities are patched promptly. At the same time, the IDS dynamically updates its pattern library according to the scan results, deleting the attack patterns related to vulnerabilities that have been patched, which reduces the size of the pattern library and improves detection efficiency. Based on this model, the paper proposes a distributed IDS architecture based on multiple agents, which improves the extensibility of the system.


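Memo:
Youth Project of the Hunan Provincial Department of Education (03B009). DUAN Dan-qing (1968-), female, born in Yongxin, Jiangxi; PhD candidate; research interest: network security. CHEN Song-qiao, professor and doctoral supervisor; research interest: software engineering.
Last Update: 1900-01-01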