摘要
1 入侵检测随着Internet在全世界范围内的迅速扩展,计算机网络的安全问题越来越成为人们关注的一个热点问题.入侵检测(Intrusion Detection,ID)就是保障计算机及网络安全的措施之一.近几年,对于入侵检测技术的研究发展很快,出现了很多入侵检测系统.但是,随着新的攻击方法的不断出现,尤其是一些互相协作的入侵行为的出现,给入侵检测领域的研究带来了新的课题.早期的集中式入侵检测系统已经不能有效地防止这一类的入侵.因此,研究分布式入侵检测系统是十分必要的.
The trend of the research on the intrusion detection systems is to design and set up distributed intrusion detection systems. In the paper, the concepts, methods and architectures of intrusion detection are presented, and the application of agent technology in intrusion detection system is introduced. Several representative architectures of distributed intrusion detection systems based on agent and the common Intrusion Detection Framework and its application and extension are summarized. The existing problems and the future researching direction in this field are proposed.
出处
《计算机科学》
CSCD
北大核心
2002年第3期16-19,共4页
Computer Science
基金
教育部跨世纪优秀人才基金
高等学校优秀青年教师教学和科研奖励基金