[1] MA Zhan-fei, YIN Chuan-zhuo. Architecture and Implementation of Snort System under Windows Platform[J]. Computer Technology and Development, 2013, (01): 154-156.

Architecture and Implementation of Snort System under Windows Platform

Computer Technology and Development [ISSN:1006-6977/CN:61-1281/TN]

Volume:
Issue:
2013, Issue 01
Pages:
154-156
Column:
Security and Prevention
Publication date:
1900-01-01

Article Info

Title:
Architecture and Implementation of Snort System under Windows Platform
Article ID:
1673-629X(2013)01-0154-03
Author(s):
MA Zhan-fei [1], YIN Chuan-zhuo [2]
[1] Baotou Teachers' College, Inner Mongolia University of Science and Technology; [2] School of Information Engineering, Inner Mongolia University of Science and Technology
Keywords:
network security; intrusion detection system; Snort; BM algorithm; ACID
Document code:
A
Abstract:
Based on a study and analysis of current intrusion detection systems (IDS), a novel and visual distributed intrusion detection system (DIDS) based on Snort under the Windows platform is proposed. The system model combines the advantages of the hierarchical model and the distributed collaboration model, uses a three-layer architecture, and integrates an improved BM pattern matching algorithm (the IBM algorithm). The experimental results show that the system is able to detect buffer overflows, port scans and other attacks. Compared with the traditional Snort system, it greatly improves detection efficiency and performance, and possesses better universality and expansibility. The system also provides a more user-friendly operation interface, which makes it convenient for users to operate and use.


Last Update: 1900-01-01