摘要
分析当前网络入侵检测系统NIDS的主要思想和实现方法,针对传统NIDS的不足,提出了一种基于特征检测的分布式网络报警系统模型,并且详细地描述了该模型的结构和实现。该模型将规则匹配与案例分析以及集中控制与分布检测相结合,在保证网络安全的基础上,有效地提高了NIDS的动态性和自适应性。
The paper analyzes the primary idea and implementing technique of current network intrusion detection system(NIDS). It aims at the shortage of traditional NIDS, and advances a kind of model of distributed network alert system based on signature detection and describes the structure and achievement of the model in detail. Based on the guarantee of network security, the model advances NIDS in performance of dynamic and self-adaption, through combining rules matching with cases analyzing, and centralized control with distributed detection.
出处
《计算机工程》
CAS
CSCD
北大核心
2003年第2期198-200,共3页
Computer Engineering
