摘要
针对许多基于Windows平台的中小型网站提出的安全需求,在分析相关数据截获与访问控制技术的基础上,提出了一种以改造的Snort规则库作为攻击特征库,利用SPI实现检测引擎,利用NDIS实现主动响应构件的Windows主机入侵检测与响应系统,它实现简单灵活,透明性和可维护性较好。
The technology of data intercepting and access controlling is analyzed, an intrusion detection and response system to satisfy the security requirement of the middle and small websites in windows are brought out. This system improves the Snort rules, uses SPI program to implement the detection engine, and uses NDIS to implement the response component. It's simple, transparent and maintainable.
出处
《计算机工程与设计》
CSCD
北大核心
2008年第9期2192-2194,共3页
Computer Engineering and Design
基金
国家863高技术研究发展计划基金项目(2006AA01Z457)
金盾工程基金项目(J1GAB23W013)
