摘要
P2P网络行为检测技术是近年来网络安全研究的热点课题.分析了P2P行为检测技术的难点,概述了传统的P2P检测技术,并指出了优缺点.通过实验研究P2P数据包中的特征值和指纹信息,从分析检测的规则集入手,引入Snort开源入侵检测系统来进行P2P应用行为检测,提出了一种基于P2P应用程序行为的检测方法.
P2P network behavior detection technology is a hot research in recent years. The difficulties of behavior detection technology for P2P was analyzed and the traditional P2P detection technology was overviewed. Furthermore its advantages and disadvantages were analyzed. By the experiment of P2P packet eigenvalue and fingerprint information, the rule set from the start of testing, and the introduction of open source Snort intrusion detection system to detect P2P application behavior, a detection method based on P2P application behavior was put forward.
出处
《湖南文理学院学报(自然科学版)》
CAS
2010年第3期70-72,76,共4页
Journal of Hunan University of Arts and Science(Science and Technology)
关键词
P2P
入侵检测
行为分析
P2P
intrusion detection
behavior analysis