Abstract
A novel distributed intrusion prevention system model is presented, together with a use-case scenario. The model uses an interface-based modular ontology as its knowledge base and context-dependent policies as its intrusion prevention method. Compared with a single monolithic ontology, the modular ontology overcomes drawbacks such as inefficient reasoning and poor extensibility. Moreover, the notion of interfaces allows ontology modules to be developed independently and configured flexibly. By sending incident messages, ontology modules can update their knowledge promptly and efficiently.
Source
Computer Engineering
CAS
CSCD
PKU Core (Peking University Core Journals)
2010, Issue 17, pp. 152-154 (3 pages)
Funding
Supported by the Anhui Provincial Natural Science Research Fund for Institutions of Higher Education (KJ2008B020)
Keywords
intrusion prevention system
modular ontology
context-depending policy
Semantic Web Rule Language (SWRL)