
An In-Depth Multi-Viewpoint Analysis of Distributed Intrusion Detection Systems (cited by: 1)

Research on the Distributed Intrusion Detection Systems
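Abstract Distributed intrusion detection systems have become the development trend and a research hotspot in the intrusion detection field. Through in-depth study of the distributed intrusion detection systems that have appeared in China and abroad, the paper identifies six classes of generic components of a distributed intrusion detection system: collector, analyzer, coordinator, manager, responder and user interface; and it proposes three important viewpoints: the management viewpoint, the analysis viewpoint and the coordination viewpoint. This is the first time this has been done in China. To explain the meaning of the three viewpoints in more detail, the authors classify the existing distributed cooperative intrusion detection systems in China and abroad from each of the three viewpoints, and analyze in depth the architecture, technical characteristics, and respective strengths and weaknesses of several typical intrusion detection systems. Finally, the paper sets out some functional characteristics that a distributed intrusion detection system should have in a large-scale network environment and discusses some development directions and trends in the field.
Recently the Distributed Intrusion Detection System (DIDS) has become a hotspot in the research field of security. After studying for a long time, we conclude that DIDSs are always made up of six parts: Collector, Analyzer, Coordinator, Manager, Responder and UI. In addition, three new viewpoints are suggested to analyze DIDS: Manager View, Analyzer View and Coordinator View. Many kinds of up-to-date cooperative DIDSs are classified and analyzed from these viewpoints. Finally, some characteristics and several possible trends of DIDS in large-scale networks are discussed.
Source Computer Engineering and Applications (《计算机工程与应用》), CSCD, Peking University Core Journal, 2004, No. 8, pp. 8-11, 34 (5 pages)
Funding National 863 High-Tech Research and Development Program (No. 2002AA143040); National 973 Key Basic Research Development Program (No. G1999035805); National Science Fund for Distinguished Young Scholars (No. 69425001); funding program for key teachers in higher education institutions
Keywords Intrusion detection, Distributed IDS, Network security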