Abstract
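Intrusion detection systems (IDS) are receiving increasingly widespread attention and are developing rapidly. However, IDS still have considerable problems in availability and ease of use. One aspect is that the alert information an IDS provides is too simple; based on this information, users find it difficult to gain a complete and clear understanding of an attack's characteristics, which hinders the development of IDS. Building on an effective classification of network attacks, this paper proposes an intrusion detection system that supports high-precision alerts, enabling the IDS to feed the main characteristics of a network attack back to the user, so that the user can understand the attack accurately and comprehensively and take appropriate preventive measures in time.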
IDS are increasingly important and are developing very fast. However, some problems remain in IDS, a critical one being that the alert information is too simple, so users can hardly grasp the key points of a network attack, which makes the development of IDS difficult. Based on a classification of network attacks, a new kind of IDS has been implemented. The new IDS provides high-precision alert messages and supplies the main characteristics of an attack to the user. Users can then immediately understand all aspects of the network attack and take correct actions to prevent it.
Source
World Sci-Tech R&D (《世界科技研究与发展》)
CSCD
2008, Issue 1, pp. 34-37 (4 pages)