摘要
随着无线局域网的飞速发展,无线入侵防御系统正成为网络安全领域的研究热点。本文在分析无线局域网常见攻击方法的基础上,设计了一个分布式无线入侵防御系统预先决策引擎(distributed pre-decision engine,DPDE),能够有效地预测攻击者的入侵意图并提供主动的入侵防御。DPDE引擎采集无线设备信息,在规划识别中引入规划支持程度,扩展了入侵检测规则,并对攻击规划的推导过程进行了改进。实验测试表明,预先决策引擎不仅提升了无线入侵检测和防御的性能,还有效减少漏警和虚警的产生。
Nowadays wireless intrusion prevention systems have become the research hotspot with the fast development of WLAN.In this paper,we first introduce the common attack methods for WLAN,and then present the framework of the wireless IPS with a distributed pre-decision engine,which can predict the future actions and direct active responses to these actions.We implement an improved model with extended detection rules for conducting intrusion plan and making pre-decision,by gathering wireless device information and importing supporting degree of intrusion plan in plan recognition.Experimental results showed that the distributed pre-decision engine can not only improve wireless intrusion detection and prevention performance,also reduce false negatives and false positives evidently.
出处
《电信科学》
北大核心
2010年第10期80-86,共7页
Telecommunications Science
基金
浙江省自然科学基金资助项目(No.Y1080821)
关键词
入侵防御系统
规划识别
检测规则
网络安全
intrusion prevention system
plan recognition
detection rule
network security
