
Hacker Intrusion Detection and Security Incident Recovery (cited by: 5)

A New Multi-Function System to Deal with Hacker Intrusion
Abstract (translated from the Chinese): To achieve network security more effectively, a multi-layer active defense architecture that integrates intrusion detection, alerting, incident recovery, hacker deception and other functions, called the hacker monitoring system, is proposed and implemented. Compared with a pure intrusion detection system, this system can both monitor and trap hackers in real time and achieve disaster tolerance well. Intrusion detection and security incident recovery are the 2 key parts of the hacker monitoring system: the former monitors hacker attacks, and the latter returns the system to normal operation as quickly as possible after a computer has been attacked by a hacker or infected by a virus. This raises network security to a new level.

Abstract (English, as published): Our aim is to provide many functions in our new multi-function system for dealing with hacker intrusion. These functions include conventional detection and alert, non-conventional hacker deception and trapping, and restoration of damaged files. Our system is a multi-layer comprehensive active defense system, integrating real-time intrusion detection, alert, security accident restoration, and hacker deception. In the full paper, we explain in much detail how to implement the many functions in our new system. Here we give only a briefing. Compared with a conventional IDS (Intrusion Detection System), our new system can not only monitor and trap hackers in real-time mode, but can also realize intrusion tolerance better. The detection function of our system can not only monitor hacker attacks but also cleverly track the hacker until the hacker's true source is found. The restoration function of our system can restore important files which have been attacked by a hacker or infected by a virus. Our new system has been employed successfully on several networks; it can deal effectively with 31 categories of known hacker attacks, whose ways of attack number as many as 2 045.
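Authors: 李伟华 (Li Weihua), 姜兰 (Jiang Lan)
Source: Journal of Northwestern Polytechnical University (《西北工业大学学报》), indexed in EI, CAS, CSCD and the Peking University Core list; 2005, No. 3, pp. 299-302 (4 pages)
Funding: National "863" Program fund (2001AA142060); Xi'an Science and Technology Key Research Program fund (GG04017); Ministry of Education Doctoral Program fund (2002CT1101)
Keywords: hacker monitoring, hacker deception, security incident recovery; hacker intrusion, detection, restoration, hacker trapping, security accident restoration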