摘要
基于协议分析的入侵检测系统避免了传统入侵检测系统的计算量大、准确率低的缺陷。在协议分析的基础上,提出了一种基于带权重协议树的入侵检测系统,给出了其设计方案,该方案进一步提高了检测的准确性和效率,并且可以检测变体攻击、拒绝服务攻击等较难检测的攻击。
The paper focuses on research topics of a new IDS architecture and key technologies. It describes a new IDS based on protocol tree with weight. Design of the IDS is proposed in this paper. The technology greatly improves accuracy and efficiency of detection. Some attacks such as polymorphic attacks and denial of services attacks can be detected by this method.
出处
《计算机应用研究》
CSCD
北大核心
2005年第7期150-152,共3页
Application Research of Computers
关键词
入侵检测
协议树
网络安全
Intrusion Detection
Protocol Tree
Network Security