摘要
大多数的入侵反映在操作系统内部就是一系列非法或异常的系统调用。根据这一思想,本文提出了一种基于系统调用的主机异常入侵检测及响应过程,并描绘了其实现原理。
The reflection of mass intrusion in the operation system is a serial anomaly or irregular system call. On the basis of this viewpoint, this article puts forward a hostbased anomaly detection and response architecture model that is based on the system call .And more, this article gives a realizable blue print.
出处
《计算机与现代化》
2003年第1期44-45,51,共3页
Computer and Modernization