摘要
事件检测引擎是基于FTP协议解析引擎中的重要组成部分之一。在对传统的网络安全技术进行研究的基础上,设计和实现了基于IPS的FTP协议事件检测引擎。阐述了FTP协议事件检测引擎的总体框架,建立了相关的模型。该引擎采用先进的NEL语言开发平台,实时地检测出异常流量,实现了实时、高性能的网络安全。
Event detection engine is an important part of protocol analysis engine based on FTP. According to the studies on traditional network security technology, the design and implementation of an FTP event detection engine based on IPS is presented. The architecture and functions of an FTP event detection engine is described with the related model. In the Event detection engine, advanced NEL is used as the development platform, anomaly network flow can be detected real-timely. A real-time and high performance network security is realized.
出处
《计算机应用与软件》
CSCD
北大核心
2008年第6期14-15,29,共3页
Computer Applications and Software
基金
国家自然科学基金(60273079)资助
辽宁省自然科学基金(20052031)资助
关键词
IPS
协议限制规则
FTP
NEL
IPS Protocol restriction rules FTP Neteye event language(NEL)