摘要
在高速网络环境下,为了使网络入侵取证系统(NIFS)对数据包过滤分析处理达到线速,在深入研究网络处理器的基础上,通过对现有网络入侵取证系统的体系结构进行重新设计,提出了在网络底层实现网络入侵取证的新的硬件体系结构,采用网络处理器在网络底层实现数据的采集、过滤、转发,提高了NIFS的运行速度和效率,可较好地适应高速网络环境下的入侵取证分析.
To change the situation of that current process speed of network intrude forensics system(NIFS) can't keep up with the high speed of network,after further studying of network processor and architecure of current network intrude forensics system,a new architecture of network intrude forensics system was proposed,which realized the network intrude forensics in the network infrastructure.The new architecture adopted the network processor to collect,filter and forward data packets in the low level of network.It enhanced the speed and efficiency of NIFS and could be adapted to high speed network.
出处
《郑州轻工业学院学报(自然科学版)》
CAS
2010年第6期13-16,共4页
Journal of Zhengzhou University of Light Industry:Natural Science
基金
河南省科技攻关项目(072102210066)
关键词
网络入侵取证
网络处理器
数据包转发
network intrude forensics
network processor
forwarder of data packets
