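Abstract
Based on an analysis of real-time network intrusion detection systems, this paper proposes an overall framework model for the design of a real-time intrusion detection system, and discusses high-speed network monitoring, real-time notification, and extensibility. The system is divided into an "event engine" and a "policy script interpreter".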
Based on our research on real-time network intrusion monitoring systems, we give an overview of the system's design, which emphasizes high-speed monitoring, real-time notification, and extensibility. The system is divided into an "event engine" and a "policy script interpreter". We also discuss a number of attacks that attempt to subvert passive monitoring systems and how to defend against them.
Source
《计算机应用研究》
CSCD
Peking University Core Journal
2003, Issue 1, pp. 43-45 (3 pages)
Application Research of Computers