摘要
入侵检测是动态安全技术中最核心的技术之一。从体系结构的演变、检测方法分析和系统测评工作三个方面对当前入侵检测的研究进行技术性综述,讨论了现有的入侵检测体系结构,详细分析了各种入侵检测方法,对现有的入侵检测评估工作进行了总结,指出了当前入侵检测研究中存在的问题和今后发展的趋势。
Intrusion detection, as one of the most active and important network security technology, can compensate the shortcomings of traditional security protection measure. Through building dynamic security cycle, it can promote the protection capacity of system and reduce the security threats as great as possible. An overview of basic issues on intrusion detection is shown in this paper, which is involved with three main aspects of intrusion detection, including Intrusion Detection System (IDS) architecture, intrusion detection methods and IDS evaluation. Firstly, three kinds of IDS architectures are analyzed. Then, current intrusion detection models are given, and their merits or shortcomings are discussed in detail. Finally, some future promising directions are presented.
出处
《计算机应用研究》
CSCD
北大核心
2005年第12期11-14,共4页
Application Research of Computers
基金
上海科技发展基金资助项目(045115006)
关键词
入侵检测
网络安全
Intrusion Detection
Network Security