摘要
随着计算机网络的发展与普及,网络内部的安全性越来越受到人们的关注,如何对局域网内部主机的行为进行监视与控制是解决问题的基础和关键所在。本文提出了一种基于C/S模型的分布式网络行为监控系统的设计框架及主要功能,并对实现过程中的软件体系结构、报文解析引擎和网络行为分析引擎等关键技术进行了讨论;最后给出了本系统的应用方向及系统测试结果。
With the development and prevalence of networks, the security inside the networks is becoming more and more important. How to monitor and control the actions of host computers in LANs is the key to solving this question. This paper introduces the framework and functions of distributed network monitoring system based on the C/S model, and discusses several key technical points such as software architecture, packet decode engine, and so on. Finally the paper gives the application trend of this system and the test results.
出处
《计算机工程与科学》
CSCD
2005年第10期13-16,共4页
Computer Engineering & Science
基金
国家863计划资助项目(2003AA142010)
关键词
网络行为
协议分析
网络会话
网络监控
有限自动机
network behavior
protocol analysis
network session
network monitoring
finite state machine
