The Research of Multi-pattern Matching Algorithm in Network Intrusion Detection System (cited by: 2)
Abstract: The performance of network intrusion detection systems (NIDS) often relies on exact and fast pattern matching techniques. As network speeds and traffic increase, pattern matching may become a performance bottleneck. This paper first introduces the multi-pattern matching algorithm used in the network intrusion detection system Snort and then presents an improved multi-pattern matching algorithm. Experimental results show that the improved algorithm reduces time complexity and increases the detection efficiency of the system.
Source: Science Technology and Engineering (《科学技术与工程》), 2005, No. 13, pp. 914-916, 920 (4 pages)
Funding: Supported by the Dongguan Scientific Research Development Fund (20040023), the National Natural Science Foundation of China (60273070), and the Hunan Province 2004 Science and Technology Key Project (04gk3022)
Keywords: intrusion detection; pattern matching; multi-pattern matching algorithm
