
Design and Implementation of a Snort-Based Layered Intrusion Detection Structure (cited by: 2)

Designing and implementation of a Snort-based layered intrusion detection system
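Abstract: Existing intrusion detection systems give little consideration to their own security, and their configuration and debugging are complex, which has seriously hindered the application and development of intrusion detection technology. To strengthen the security protection of the system and make it easier to deploy, configure, and debug, a layered approach was adopted to construct a Snort-based layered intrusion detection system. A firewall is placed between the system's sensors and server to combine active defense with passive defense, and the OpenSSL component is used to implement end-to-end encrypted transmission. Experimental results show that, compared with the original system, this system considerably improves security. At the same time, the independent deployment and configuration of each layer also greatly simplifies debugging of the system.

English abstract: With the rapid development of network technology and increasingly rich Internet applications, network security issues have become particularly important, and the intrusion detection system was proposed as an effective protection technology. Aiming at the above issue, a Snort-based layered intrusion detection system was designed, in which a firewall was adopted between the Snort sensor and the server, combining active defense with passive defense. Also, OpenSSL was adopted to implement end-to-end encrypted transmission. The experimental results show that the security of the system is greatly improved compared with the original system. Meanwhile, configuring and debugging the system is simplified for the administrator owing to the independence of the system components.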
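Source: Journal of Guilin University of Electronic Technology, 2011, Issue 5, pp. 369-372 (4 pages)
Funding: National Natural Science Foundation of China (60862001); Guangxi Graduate Education Innovation Program (2010105950810M18); Guangxi Department of Education Scientific Research Fund (201010LX156)
Keywords: intrusion detection; layered structure; Snort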

