Research and implementation of management and analysis system for network security information (cited by: 7)
Abstract: Network security products lack a mechanism for exchanging data, so they cannot share their security information with one another. To deal with the large volume of alerts and false alarms on the network, it is also necessary to uncover the deeper relationships in the detection data and to detect known and unknown attacks efficiently. This paper therefore proposes a network security information management and analysis system and presents event aggregation and correlation analysis methods that extract association rules to further aggregate security events, with the goal of comprehensive analysis of security information.
Authors: Wang Cheng (王成), Chen Shuyu (陈蜀宇)
Source: Computer Engineering and Design (《计算机工程与设计》), CSCD, Peking University Core Journal, 2007, Issue 19, pp. 4625-4627 (3 pages)
Funding: Ministry of Education "New Century Excellent Talents Support Program" fund project (NCET-04-0843)
Keywords: network security; intrusion detection; association analysis; cluster analysis; generalization