
Research on the Architecture of Network Monitoring Administration with Precaution

Cited by: 2
Abstract: 1 Introduction. Research on intrusion detection systems (IDS) is currently flourishing, with systems such as RealSecure, NetRanger, NIDES A.14, EMERALD A.19 and Ripper A.21. Each has its own shortcomings, such as a high false-alarm rate or a high miss rate [1]. The architecture of network monitoring administration with precaution is presented. Related technologies and approaches to realize the architecture are analyzed and provided. The architecture consists of a precaution subsystem and a monitoring administration subsystem. By building an adaptive anomaly detection model and applying an anomaly assessment approach, the precaution subsystem can forewarn of intrusion attempts and send the precaution information to the monitoring administration subsystem in real time. The monitoring administration subsystem can then take countermeasures in advance. Moreover, based on intrusion tolerance technology, the monitoring administration subsystem can reconfigure resources and security policies when facing active intrusions, so as to provide the expected users with timely services while ensuring the security of the protected services.
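Source: 《计算机科学》 (Computer Science), CSCD, Peking University Core Journals (北大核心), 2003, No. 11, pp. 93-96 (4 pages)
Funding: National 863 Program funded project, project No. 2D02AA142040
Keywords: early-warning function; network monitoring administration architecture; intrusion detection system; network security; NMAP architecture; Network security, Precaution, Monitoring administration, Architecture, Intrusion tolerance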

References (11)

  • 1. Axelsson S. Intrusion detection systems: a survey and taxonomy. 14 March, 2000. Available at: http://citeseer.nj.nec.com/axelsson00intrusion.html
  • 2. Mukherjee, Heberlein L T, Levitt K N. Network intrusion detection. IEEE Network, 1994, 8(3): 26~41
  • 3. Eskin E, Miller M, et al. Adaptive Model Generation for Intrusion Detection Systems. Available at: http://www.cs.columbia.edu/ids/publications/adaptive-ccsids00.pdf
  • 4. Lee W, Stolfo S J, et al. Real Time Data Mining-based Intrusion Detection. Available at: http://www.cs.columbia.edu/ids/concept/
  • 5. Lee W, Stolfo S J, Mok K. Data mining in work flow environments: Experiences in intrusion detection. In: Proc. of the 1999 Conf. on Knowledge Discovery and Data Mining (KDD-99), 1999
  • 6. Warrender C, Forrest S, Pearlmutter B. Detecting intrusions using system calls: alternative data models. IEEE Computer Society. In: Proc. of the 1999 IEEE Symposium on Security and Privacy, 1999. 133~145
  • 7. King M, Dalton C E, Osmanoglu T E. Security architecture: design, deployment and operations. Sydney: Osborne/McGraw-Hill, 2001. 132
  • 8. Yau S S, Zhang Xinyu. Computer network intrusion detection, assessment and prevention based on security dependency relation. Available at: http://dlib.computer.org/conferen/compsac/0368/pdf/03680086.pdf
  • 9. Wang Feiyi, Gong Fengmin. SITAR: A scalable intrusion-tolerant architecture for distributed services. In: Proc. of the 2001 IEEE Workshop on Information Assurance and Security. United States Military Academy, West Point, NY, 2001. Available at: http://panda.ece.utk.edu/~fwang2/papers/SITAR-norfolk-2001.pdf
  • 10. Petkac M, Badger L. Security agility in response to intrusion detection. Proceedings of the Sixteenth Annual Computer Security Applications Conference (ACSAC'00). Available at: http://www.acsac.org/2000/papers/43.pdf

