摘要
随着计算机网络的迅猛发展,网络安全问题也日益严重,单一的集中式的入侵检测系统已不能满足网络安全发展的需要,分布式入侵检测系统应运而生。实现了一个分布式的入侵检测系统,将反弹木马的反向连接技术应用到客户端与服务器端的通信上,在客户端采用多线程技术捕包,通过系统进程与端口通信相结合检测特洛伊木马。通过管理端对局域网络各个位置的Agent客户端进行统一部署策略和实时监控,加强了校园网络的安全。
With the great development of computer network, the network security problem becomes more serious, the single IDS can not meet the needs of network security, so the DIDS comes forth. A distributed intrusion detection system is brought forward, the inverted connection technology of the rebound Trojan horse is applied to the communication between agents and server, the agents adopt multi-thread technology to capture the packets, and it can detect the Trojan horse by the incorporation of the system process and the port communication. The server can deploy the uniform tactics to the agents and it can monitor the agents in real time, and so the DIDS enhances the network security.
出处
《计算机工程与设计》
CSCD
北大核心
2009年第6期1383-1386,共4页
Computer Engineering and Design
