摘要
提出了基于Intranet的分布式IPSpoof检测系统。该系统能高效检测Intranet内的IPSpoof行为。分析了目前的IPSpoof防范技术。根据Intranet的特点详细介绍了系统的设计。给出了IPSpoof判定方法、检测系统的关键部件Monitor的设计,并给出了数据采集模块的实现。实验表明,该系统具备高精度、高实时性和低流量的特点,可以在不同规模的Intranet以及网络安全系统中广泛使用。
A distributed IP spoof detection system in Intranet is proposed, which can efficiently detect IP spoof behaviors in Intranet. Current techniques of defending IP spoof are analyzed. Aimed at characteristics of Intranet, the design of the system is introduced in detail. The determination method of IP spoof and the design of the monitor, which is a key component of the system, are presented. The implementation of data capture model is also presented. From the experimentation result, it is concluded that the system has the characteristics of high accuracy and real-time performance, but little data traffic. It can be generalized in Intranet of different scales and in other network security systems.
出处
《控制工程》
CSCD
2005年第2期183-185,共3页
Control Engineering of China
基金
国家自然科学基金资助项目(60173051)
国家教育部博士点基金资助项目(20030145029)
教育部高等学校优秀青年教师教学
科研奖励基金
国家863高技术资助项目(2003AA414210)
