摘要
入侵检测是信息安全保障的关键技术之一,本文介绍了目前入侵检测系统中采用的两种通用模型:通用入侵检测框架(CIDF)和入侵检测信息交互格式(IDMEF),在技术上比较了两者的优势与不足,在集中CIDF和IDMEF优点的基础上,提出一种统一的通用入侵检测框架(UCIDF),用于构造统一的安全管理平台。
Intrusion detection is one of the critical techniques in information assurance. This paper introduces the general situation of the Intrusion Detection System and two kinds of common model used in Intrusion Detection System, including Common Intrusion Detection Framework (CIDF) and Intrusion Detection Message Exchange Format (IDMEF). After the compare between their advantages and disadvantages, one Unified Common Intrusion Detection Framework (UCIDF) is proposed in order to set up one security management platform.
出处
《微计算机信息》
北大核心
2006年第09X期128-130,81,共4页
Control & Automation
