
Research on a Script-Based Open Model for Gigabit Intrusion Prevention

Research on the Mega-Bits Network Environment's Open Model of Intrusion Prevention Systems Based on the Script
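Abstract: To improve the detection speed and accuracy [2] of intrusion prevention systems [1], this paper follows the Common Intrusion Detection Framework (CIDF) [3] specification and the structural requirements of a network-based intrusion prevention system (NIPS), and applies a layered design. From the bottom up, the system is divided into four parts: a data capture module, an event generation engine, a policy script interpreter, and an intrusion prevention module. Finally, using script descriptions, an open model of an intrusion prevention cluster for a gigabit environment is implemented.

Based on the Common Intrusion Detection Framework (CIDF) and the Network-Based Intrusion Prevention System (NIPS) standards, we present an intrusion prevention system called Gigabits IPS (GIPS), which is used to improve the prevention speed and accuracy, and to ensure high-speed network monitoring. The GIPS consists of the data capture module, the event generation engine, the policy script interpreter and the intrusion prevention module. With the script description, we implement a mega-bits network environment's cluster open model of intrusion prevention systems.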
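Source: Computer Engineering & Science (《计算机工程与科学》), CSCD, Peking University Core Journals, 2010, Issue 1, pp. 32-34, 70 (4 pages)
Funding: Information Special Project funded by the Yunnan Provincial Department of Science and Technology (2004IT05)
Keywords: intrusion prevention; dynamic protocol detection; regular match; open; script description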

References (6)

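  • 1. National Institute of Standards and Technology. Guide to Intrusion Detection and Prevention Systems (IDPS)[R]. 2007.
  • 2. Heberlein L, Dias G, Levitt K, et al. A Network Security Monitor[C]// Proc of the IEEE Symp on Research in Security and Privacy, 1990: 296-304.
  • 3. Yu Xiangxuan, Lu Gang. Component communication analysis and algorithm description of CIDF[J]. Computer Engineering, 2002, 28(5): 141-142.
  • 4. Wang Bailing, Fang Binxing, Yun Xiaochun. Research and implementation of a zero-copy packet capture platform[J]. Chinese Journal of Computers, 2005, 28(1): 46-52.
  • 5. Stevens W R. TCP/IP Illustrated, Volume 1: The Protocols[M]. Beijing: China Machine Press, 2000.
  • 6. Stevens W R. TCP/IP Illustrated, Volume 2: The Implementation[M]. Beijing: China Machine Press, 2000.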
