Abstract
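This paper studies the design of a scalable intrusion detection system for large-scale network environments. It presents the basic idea of intrusion detection system scalability based on the Common Intrusion Detection Framework (CIDF), and designs and implements a scalable intrusion detection system. The design adopts an architecture of distributed detection and centralized processing, a generic alert data representation format, and a secure communication protocol, which together achieve good scalability. Testing and practical use show that the system can meet the security needs of large-scale network environments.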
The paper designs an extendable intrusion detection system for the large-scale environment. CIDF-based design methods are presented and an extendable intrusion detection system is implemented. Better expansibility is achieved by applying the architecture of distributed detection and centralized analysis, a generic alert format and a secure transfer protocol in this system. After testing, it can meet the needs of the large-scale environment.
Source
《计算机工程》
CAS
CSCD
Peking University Core Journal
2003, Issue 11, pp. 103-104, 179 (3 pages in total)
Computer Engineering