摘要
从防火墙和入侵检测技术的优缺点和互补性说明了两者的结合点,提出了防火墙与入侵检测技术两种融合策略:规则转换策略和联动策略。由此提出一种基于CVE的网络入侵防御系统。系统以CVE中文漏洞库为研究平台,基于Linux平台。通过测试证明:该系统能够实现及时、全面的网络安全防御。
This paper talked about the combination point from the advantages and disadvantages of firewall and intrusion prevention technology and their complementary and proposed two strategies to merge the firewall and intrusion detection technology: rules conversion strategy and interaction strategy.A network intrusion prevention system based on CVE was proposed.The system was based on CVE Vulnerability Database in Chinese,under the Linux platform.The results of the experiment confirmed that the system can implemente timely and all-round network security defense.
出处
《信息技术》
2011年第7期23-26,共4页
Information Technology
基金
黑龙江省教育厅面上项目(11531042)
关键词
CVE
入侵检测系统
防火墙
规则转换
联动
CVE
intrusion prevention system
firewall
rule transform
interaction
