Abstract
As the second line of defense behind the firewall in a network, the intrusion detection system (IDS) is becoming increasingly important. This article studies the most important functions of an IDS: data collection, data analysis, and alert response. It proposes a pattern-matching method that combines pattern matching with network protocol analysis, together with an improved fast matching algorithm based on Boyer-Moore-Horspool, and it adopts detection rules similar to those of Snort. Finally, all of these are implemented as a detection and analysis module.
Source
Journal of Wuhan University of Technology (《武汉理工大学学报》)
CAS
CSCD
2003, Issue 8, pp. 67-70 (4 pages)
Keywords
pattern matching
detection rule
matching algorithm