摘要
针对入侵检测系统在IPv6网络下检测加密通信时遇到的问题,提出了面向IPSec的入侵检测(IPSO-IDS)模型,该模型应用了非对称密钥机制和LDAP Server,改进了Snort的协议分析模块,设计了客户端密钥交换模块(KEM)、服务端KEM及IDS端KEM,并阐述了相互之间的操作过程。研究结果表明,该模型具有广阔的推广应用前景。
Aiming at the problem of analyzing the IPv6 encrypted conversation on intrusion detetion system, the IPSee oriented intrusion detection system(IPSO-IDS) model were proposed. In the model, the asymmetrical key mechanism and LDAP Server were applied, Snort protocol analysis module was improved. Customer-side key exchange module(KEM) , Server-side KEM and IDS-side KEM were designed. And the mutual operation between each other was explained. The research result shows that the model has the application prospect.
出处
《机电工程》
CAS
2009年第6期90-91,103,共3页
Journal of Mechanical & Electrical Engineering
