摘要
随着网络带宽的不断提升,网络入侵检测系统在面对高速流量时往往会出现严重的漏报率。应用并行处理技术可以大幅度提高网络入侵检测系统的检测性能,然而却容易出现检测引擎之间负载均衡不佳的情况。本文提出了一种动态的入侵检测系统负载均衡方法。该方法通过收集各检测引擎的各项性能指标,建立针对数据流的负载均衡机制,根据计算出的评价指标的高低,动态调整入侵检测系统的数据流分发情况,以达到网络入侵检测系统各引擎间处理数据流负载均衡的目的。实验结果证明该方法能够有效地均衡各检测引擎之间数据流的负载。
With the continuous improvement of network bandwidth, network intrusion detection system(NIDS) often has high loss rate in the face of high speed of data flow. The application of parallel processing technique can greatly improve the detecting performance of NIDS, but it is prone to unbalanced load between detection engines. This paper presented a dynamic load balancing method for intru- sion detection system. In order to achieve load balance for steams of NIDS, the method established a load balancing mechanism for data stream, according to the level of calculated evaluation to react dynamic adjusting the situation of streams distribution for NIDS through collected the performance indicators for each detection engine. Experimental results verified that the method proposed can balance |oad of streams distribution effeetively between detection engines.
出处
《网络新媒体技术》
2015年第5期39-44,共6页
Network New Media Technology
基金
国家自然科学基金(编号:61173159)
关键词
网络入侵检测系统
负载均衡
动态调整
数据流
Network intrusion detection system(NIDS) , load balancing, dynamic adjusting, data stream
