摘要
基于对协议分析技术的研究设计实现了一种WWW安全监控系统,弥补了许多现有同类系统的技术缺陷,利用会话重组、内容检查、协议解码等关键技术,实时检测各种包含敏感信息的WWW访问,并对非法访问的内容进行完整记录和重现,同时还能检测针对HTTP协议和WWW服务器的攻击。实际应用效果表明该系统部署方便、可扩展性强,具有很好的效率和准确率。
In this article, propose a WWW security monitoring system that based on protocol analysis technique. By using command decoding, session reassembling, content inspection and other protocol analysis methods, the system can detect and record the WWW session that include illegal information or malicious data. According to intensive test, the system can be deployed and scaled conveniently, and can provide high performance and accurate results at same time.
出处
《微机发展》
2005年第11期4-6,10,共4页
Microcomputer Development
基金
国家"八六三"计划基金资助(2003AA144150)
关键词
协议分析
WWW安全监控
内容检查
会话重组
protocol analysis
WWW security monitoring
content inspection
session reassemble
