
STUDY AND APPLICATION OF INTRUSION DETECTION SYSTEM BASED ON RULE-BASE OPTIMIZATION ALGORITHM

Cited by: 2
Abstract: To overcome weaknesses in the design and implementation of the generic intrusion detection framework (GIDF) model and its components, and based on an analysis of the open intrusion detection system software Snort, a rule-matching optimization algorithm is proposed that combines added breadth search with a dynamic option linked list. Experiments show that the improved system increases the parallelism of option matching by adding breadth search, and that the dynamic option list optimizes the order of rule matching and shortens the depth of the depth search, so that the overall detection speed of Snort is effectively improved.
Source: Computer Applications and Software (《计算机应用与软件》), CSCD, Peking University Core Journal, 2007, No. 12, pp. 202-204 (3 pages)
Keywords: Network-based intrusion detection system; Rule matching; Dynamic option list

