摘要
网络技术的不断发展,分布式计算环境的广泛采用海量存储和高带宽传输技术的普及,网络系统结构的日益复杂,都使得传统的基于单机的集中式入侵检测系统遇到了极大的挑战。传统的入侵检测技术通过在网络中放置多个传感器(探测器)收集网络状态信息,然后再把这些信息送到一个中央控制台分析处理。中央控制台的工作负荷过大,成为系统运行的瓶颈,在加上由于网络传输的延迟,探测器送给中央控制台的网络状态信息有可能不及时,这种模型在面对大规模、异构网络环境以及分布式协同攻击的情况下显得力不从心。在这样的情况下,分布式入侵检测系统(Distributed Intrusion Detection System,DIDS)应运而生,并成为目前入侵检测研究领域的一个研究热点。
With the continuous development of the network technology, extensive use of Distributed Computing Environment, popularity ot mass storage devices and high-bandwidth transmission technology, and increasingly complex network structure, all made traditional hostbased Intrusion Detection System encountered a big challenge. By numbers of sensor set in network Host-based IDS, the system collect network status which is transferred and analyzed in center console. Because of the overload of center console which becomes bottleneck at runtime, network transmission delay, and the network status which is transferred to center console may be not timely, Host-based IDS looks incompetence as it confronts the distributed collaborative attack in large-scale heterogeneous network environment. Under such circumstances DIDS (Distributed Intrusion Detection System) emerges as the times require, and becomes a hot field in Intrusion detection research.
作者
胡晓璐
HU Xiao-lu (Information Technology School of Nanjing Xiaozhuang College, Nanjing 211171, China)
出处
《电脑知识与技术》
2008年第11期877-878,共2页
Computer Knowledge and Technology
关键词
分布式计算
协同技术
入侵检测
Distributed Computing
Collaborative Technology
Intrusion Detection
