摘要
通过对协议分析技术和免疫系统的理论分析,提出了一种基于协议分析和免疫原理的入侵检测模型。该模型对自我集按协议类型分类,并生成相应的成熟检测器模块。在实际检测中,待检模式按协议类型与相应的成熟检测器模块匹配,从而能有效地提高检测速度,改进了以往模型在这方面的不足。
With theoretical analysis of the principles of protocol analysis and immunity, this paper presents a new intrusion detection model based on protocol analysis and immunological principle. This model can sort self set according to protocol, and generate the relevant mature detector modules. In practical detection,the modes to be detected match the modules of relevant mature detector,so the detection speed can be effectively improved,making up the deficiency of past modes.
出处
《电脑开发与应用》
2007年第1期21-22,25,共3页
Computer Development & Applications
基金
山西省高校科技开发项目(20051202)资助
关键词
入侵检测
免疫原理
协议分析
intrusion detection,immunological principle,protocol analysis
