摘要
首先分析了攻击技术及入侵检测系统的发展趋势。在此基础上,论文提出了一个新的分布式入侵检测系统。其体系结构包括边界传感器、主管传感器、中央控制台三个层次。然后描述了各个层次的具体实现方案以及各个组件之间的安全通信机制。最后分析了DIDS的优势与缺陷,并提出了弥补缺陷的解决措施。经试验,论文实现的DIDS在入侵检测的质量、性能、自身安全性、兼容性等方面都有比较优良的表现。
At first,the directions of attack technologies and intrusion detection systems are analyzed.A new distributed intrusion detection system is described.Its architecture consists of three layers as border sensors,master sensors and the central console.The specific implementation of all these layers and the security communication mechanism among all these components are described.In the end,the advantages and disadvantages of DIDS are analyzed and solutions to the disadvantages are also presented.As the experiments prove,the implemented DIDS have some advantages in the quality,performance,self-security and compatibility of intrusion detection.
出处
《计算机工程与应用》
CSCD
北大核心
2003年第4期1-3,8,共4页
Computer Engineering and Applications
基金
国家863高技术研究发展计划项目资助(编号:2001AA142100)
国家教育部博士学科点基金资助(编号:20010699018)
关键词
分布式入侵检测系统
计算机网络
防火墙
网络安全
边界传感器
Distributed Intrusion Detection System,Border sensor,Master sensor,Console,Intrusion Alert Protocol
