
Intrusion Detection Systems: Principles, Intrusion Hiding, and Countermeasures (cited by: 13)

Intrusion Detection System: Evading and Finding
Abstract: As increasingly frequent intrusions bring severe security threats to network-based Computer Information Systems (CIS), the Intrusion Detection System (IDS), an important kind of security protection tool, has become a hotspot for research. In this paper, we describe the concept of the IDS, introduce its elementary components, and study the working principles and the pros and cons of each kind of IDS. We then analyze several ways of hiding intrusion traces and evading IDS detection that intruders use and that are hard to deal with at present, explore countermeasures for them, and give our view on the future development direction of IDS.
Source: Microelectronics & Computer (《微电子学与计算机》), CSCD, Peking University Core Journal, 2002, No. 1, pp. 54-59 (6 pages)
Keywords: computer information security; intrusion detection system; intrusion hiding; computer network; firewall; computer information system; security; intrusion
