摘要
在分析入侵检测系统的基础上,指出现有规则匹配算法的不足.提出一种新的规则匹配算法,该算法主要利用非精确匹配技术,缩小入侵分类的检测范围,达到快速匹配的目的.根据不同的安全性要求设置不同的门限值,该算法可用于预测适合不同门限值的可疑入侵行为.
Based on the analysis of network intrusion detection systems, this paper points out the shortage of existing rule-matching algorithms, and then puts forward a new fast rule-matching algorithm. This algorithm is fast and effective because it uses the fuzzy matching method, and reduces the ranges of intrusion classes. In addition, such algorithm can be used to identify the suspicious intrusion behavior according to the different threshold that is set up based on various security levels.
出处
《海军工程大学学报》
CAS
2004年第5期71-73,共3页
Journal of Naval University of Engineering
关键词
入侵检测
网络安全
快速规则匹配
intrusion detection
network security
fast rule-matching