摘要
随着网络的发展和对网络安全的逐步重视,入侵检测系统的研究越来越受到关注。对于入侵检测系统的框架模型、采用的匹配策略和不同检测系统之间的协作模式等,都已经做了许多工作,并已经形成了相对统一的标准。但是,对入侵检测系统在实际操作中应该如何达到配置最优缺少相应的研究。该文运用非马尔科夫模型进行仿真模拟,指出影响入侵检测系统性能的几个关键参数,给出特定流量模式下达到最优性能的配置方法。采用与实际情况更为贴近的仿真模型,考虑更多的参数是今后研究发展方向。
With the development of Internet,more and more focuses have been put on network security.The research of intrusion detection system has attracted attention of many institutions.Many works on the model of IDS,match strategy and cooperation between several systems have been completed,but little research work has been done upon optimizing configuration of IDS in real environment.This paper uses non-Markov Model to simulating real IDS and gives several key parameters that have definitive effect on intrusion detection system's performance.According to the configuration method provided by this paper,one IDS can achieve a best performance in the specific environment.Using a more reality simulating system with more parameters being thought of is the research direction in the future.
出处
《计算机工程与应用》
CSCD
北大核心
2004年第7期139-141,共3页
Computer Engineering and Applications
