摘要
入侵检测是网络安全的一种重要手段,为提高入侵检测的准确性,文中提出了一种基于数据融合的分布式入侵检测系统,并详细论述了该系统的网络设计、包采集分析、局部判决、融合中心事件关联和数据融合等各个环节的具体设计与实现方法,分析表明文中提出的事件关联规则和加权表决法决策融合算法对分布式入侵检测系统是十分有效的。
Intrusion detection is an important means of network security. This paper presents a kind of distributed IDS based on data fusion to improve the veracity of intrusion detection. It also discusses the design and realization of each step of this kind IDS in detail, including the net- designing, packet collecting and analyzing, local judging, event relating, data fusion in fusion center. What this paper put forward such as the regulation 'of event relating and the decision arithmetic of voting with weight in data fusion is useful.
出处
《计算机技术与发展》
2006年第2期217-219,共3页
Computer Technology and Development
关键词
入侵检测
数据融合
事件关联
加权表决法决策
intrusion detection
data fusion
event relating
decision arithmetic of voting with weight