期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于网络处理器的入侵检测方法 被引量:1

Intrusion Detection Methods Based on Network Processor
下载PDF
导出
摘要 入侵检测是网络安全的核心技术。随着网络速度的不断提升,现有NIDS的检测速度已不适应千兆位以上网络,漏检率和误检率越来越高。网络处理器以高度并行、硬件多线程、多级存储和灵活可编程等先进技术提供高速的数据包处理性能。该文对利用网络处理器解决入侵检测的速度瓶颈提出了观点、方法和策略,设计和实现了一个面向入侵检测的高速网络处理器原型。 Intrusion detection is a dynamic core technology in network security. With the ever-increasing wire-speed and packets dropping and false positive the existed NIDS doesn't fit for high-speed network any longer. Network processor can analyze packets in parallel mode and shorter inner latency by using hardware threads, multi-level memories, and obtain flexibility by using programmable components. This paper builds a validate high-speed platform for intrusion detection and achieves much good approaches, methods and ideas to overcome the speed bottleneck in current IDS.
作者 魏利华 张晓明 唐玉华 孙志刚
机构地区 浙江嘉兴学院信息工程学院 国防科技大学计算机学院
出处 《计算机工程》 EI CAS CSCD 北大核心 2006年第7期160-162,共3页 Computer Engineering
基金 国家"863"高技术基金资助项目(2003AA115130)
关键词 网络处理器 入侵检测 多级并行 硬件线程 调度策略 Network processor Intrusion detection Multi-level parallel Hardware thread Scheduling policy
分类号 TP393.08 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献11

  • 1Uzuncaova E.Generic Software Architecture for Deception-based Intrusion Detection and Response Systems[D].Performer:Naval Postgraduate School,Monterey,CA,2003-03.
  • 2Reilly M E.Scalable Intrusion Detection and Response Framework[R].Odyssey Research Associates,Inc.Final Technical Rept.,2002-10.
  • 3孙钦东,张德运,高鹏,张晓.网络入侵检测系统的拒绝服务攻击的检测与防御[J].西安交通大学学报,2004,38(2):132-135. 被引量:5
  • 4杜建国,郭巧.协议分析和命令解析在入侵检测中的应用[J].计算机工程与应用,2004,40(18):159-162. 被引量:13
  • 5Smith J,Greenwald M,Lewis E,et al .Advanced Broadband Intrusion Detection Engine (ABIDE) Report on Seedling Project[R].University of Pennsylvania,Dept.of Comp.& Info.Science.Final Rept.:A064424,2003-06-13.
  • 6Anagnostakis K G,Markatos E P,Antonatos,et al.E2xb:A Do-main Specific String Matching Algorithm for Intrusion[C].Proceedings of the 18^th IFIP International Information Security Conference (SEC2003),2003-05.
  • 7Allen J R.IBM PowerNP Network Processor:Hardware,Software,and Applications[J].IBM J.RES.& DEV.,2003,47 (2/3).
  • 8Roberts L G.Beyond Moore's Law:Internet Growth Trends[J].IEEE Computer,2000,33 (1):117-119.
  • 9Intel Corporation.Intel IXP1200 Network Processor Family Hardware Reference Manual[Z].2001.
  • 10Agere Systems Corp.The Challenge for Next Generation Network Processors[Z].http://www.agere.com/ enterprise_metro_access/net work_processors.html,2004-02-19.

二级参考文献8

  • 1Protocol Analysis and Command Parsing vs.Pattern Matching in In-trusion Detection System.http://www.networkice.com
  • 2[1]Ptacek T, Newsham T. Insertion, Evasion, and denial of service: Eluding network intrusion detection [EB/OL]. http:∥citeseer.njnec.com/ptacek98insertion. html,2003-01-15.
  • 3[2]Ansen W, Mell P,Karygiannis T, et al. Mobile agents in intrusion detection and response [A]. 12th Annual Canadian Information Technology Security Symposium, Ottawa, Canada, 2000.
  • 4[3]Roesch M. Snort - lightweight intrusion detection for networks [A]. Proceedings of the USENIX LISA'99 conference [C]. Washington: Usenix Association, 1999.229~238.
  • 5[4]Undy M. TCPReplay manual [EB/OL]. http://packetstorm.widexs.nl/UNIX/IDS/nidsbench/tcpreplay.html,2002-12-12.
  • 6[5]Giovanni C. Draft white paper on stick [EB/OL].http://packetstormsecurity.nl/distributed/stick.htm,2002-11-15.
  • 7[6]ACM SIGCOMM. The Internet traffic archive [EB/OL]. http://ita.ee.lbl.gov/,2002-10-21.
  • 8MarcusGoncalves KittyNiles 黄锡伟 杨震 译.IPv6网络[M].北京:人民邮电出版社,2000..

共引文献16

同被引文献3

引证文献1

计算机工程
2006年 第7期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部