摘要
随着计算机和互联网技术的发展,网络安全问题日益突出,入侵检测系统是维护网络安全的重要手段。目前,入侵检测系统中所开发的模型主要是基于静态签名信息或部分动态特征,不能及时响应入侵中的威胁及其变体。同时,入侵检测系统的研究主要集中于解决模型开发问题,很少兼顾系统的交互设计。因此,基于完整的系统调用信息构建入侵检测模型并利用Web开发技术Django设计了一个交互式自动入侵检测系统。入侵检测系统包括检测模块和交互模块。检测模块实现对系统调用信息的向量化,解决样本表示问题,同时返回入侵检测结果;交互模块是用户与检测模块沟通的桥梁,能够将样本信息和检测结果反馈给用户。该系统具有高检测率,数据化和图形化的交互界面,操作简单,易于扩展。
With the development of computer and Internet technology,the issue of network security has become increasingly prominent.Intrusion detection system is an important means to maintain network security.At present,the models developed in the intrusion detection system are mainly based on static signature information or part of dynamic characteristics,which cannot respond to the threat and its variants in time.At the same time,the research of intrusion detection system mainly focuses on solving the problem of model development,but seldom gives attention to the interactive design of the system.Therefore,this study builds an intrusion detection model based on the complete system call information and designs an interactive automatic intrusion detection system using web development technology Django.The intrusion detection system includes a detection module and an interaction module.The detection module implements vectorization of system call information,solves the problem of sample representation,and returns intrusion detection result.The interaction module is a communication bridge between the user and the detection module,which can feedback the sample information and test results to the user.The system has a high detection rate,an interactive interface with data and graphics,which is easy to operate and expand.
作者
王丽媛
李晓风
李玉洁
谭海波
WANG Liyuan;LI Xiaofeng;LI Yujie;TAN Haibo(Hefei Institutes of Physical Science,Chinese Academy of Sciences,Hefei 230031,China;University of Science and Technology of China,Hefei 230026,China)
出处
《仪表技术》
2020年第3期1-5,11,共6页
Instrumentation Technology
基金
安徽省科技重大专项(711245801052).
