摘要
入侵行为给基于网络的计算机信息系统的安全带来巨大威胁,入侵检测系统(IDS,IntrusionDetectionSystem)作为重要的安全工具而成为研究的热点。文章首先介绍IDS的基本概念和组成,研究各类IDS的工作原理及其优缺点,然后分析当前难以对付的几种隐藏入侵迹象、逃避IDS检测的方法,并进一步探讨相应的对策,对IDS今后的发展方向提出了看法。
While more and more frequent intrusions bring severe security threats to the network- based Computer Information System(CIS),the Intrusion Detection System(IDS) which is an important kind of security protection tools has become a hotspot for research. In this paper,we describe the concept of the IDS,introduce its elementary components and study the working theory and the pro and con for each kind of it,then we analysis several ways to evade the detection of IDS that are used by intruders and hard to deal with at present,search for the countermeasure for them,and mention of the developing direction of IDS at the same time.
出处
《微电子学与计算机》
CSCD
北大核心
2002年第1期54-59,共6页
Microelectronics & Computer