摘要
文章介绍了网络异常的概念和思路,然后对中间件技术做了分析比较,重点提出了一种基于中间件的分布式网络异常检测系统。该系统采用CORBA实现分布式交互,能对网络异常进行分布式检测,与单点异常检测系统相比具有更高的实时性和处理数据的能力,对大型网络效果更好。本系统通过MIB变量相关联地剧烈突变来检测异常的发生。CORBA标准定义的比较完善的安全体系结构使本系统自身的安全性得到了保证。
This paper introduce the concept and thought of network anomaly detection, then analyze and compare the techniques of middleware, and lay emphasis on designing of a distributed network anomaly detection system based on middleware. The system achieves distributed communication through CORBA, and can detect network anomalies through distributed way. It is more real-time and has better ability on data processing compared with single point detection, especially for large network. Anomaly can be detected through correlated abrupt changes of MIB variables. The well defined security framework of CORBA has ensured this network anomaly detection system's own security.
出处
《微电子学与计算机》
CSCD
北大核心
2006年第z1期15-17,19,共4页
Microelectronics & Computer
