Abstract
Intrusion detection systems (IDS), an emerging security technology, are an important part of a network security system. This paper explains the basic principles and functional modules of intrusion detection systems, describes their classification by data source, detection method and detection timing, and introduces and analyzes the current state of research on intrusion detection technology at home and abroad, such as misuse detection and anomaly detection. With the rapid development of computer and network technologies, mass storage and high-bandwidth transmission, traditional centralized intrusion detection systems based on stand-alone computers are increasingly unable to meet security requirements. The paper therefore argues that distributed intrusion detection (DID) will gradually become the research focus of intrusion detection and of the whole field of network security, and offers some technical and theoretical basis for the study of intrusion detection.
Source
Computer Simulation (《计算机仿真》)
CSCD
2004, No. 11, pp. 129-132 (4 pages)
Keywords
Intrusion detection
Intrusion detection system
Misuse detection
Anomaly detection
Distributed intrusion detection