The LAFCDIDS (Lightweight Agent for Collaborative Distnbution Intrusion Detection System) presented in this paper is a distributed intrusion detection system with the ability of collaborative detection in real time. T...The LAFCDIDS (Lightweight Agent for Collaborative Distnbution Intrusion Detection System) presented in this paper is a distributed intrusion detection system with the ability of collaborative detection in real time. The hierarchy architecture of agents and the ability of collaborative detection in real time are evident characteristics of the LAFCDIDS. Lightweight agent and agent sensitivity are LAFCDIDS's new concepts, which can reduce the overload of protected system, shorten the period of intrusion detection, and are suitable for monitoring the distributed collaborating attacks.展开更多
详细介绍了在Linux环境下基于规则的分布式网络入侵检测系统NetNumen.同现有的网络入侵检测系统相比,NetNumen将异常检测(检测包到达频度的异常)和特征检测(检测特定攻击和攻击工具的固有特征)有机地结合起来,对DoS(denial of service),...详细介绍了在Linux环境下基于规则的分布式网络入侵检测系统NetNumen.同现有的网络入侵检测系统相比,NetNumen将异常检测(检测包到达频度的异常)和特征检测(检测特定攻击和攻击工具的固有特征)有机地结合起来,对DoS(denial of service),DdoS(distributed denial of service)攻击的检测效果较现有方法有明显的改善.展开更多
文摘The LAFCDIDS (Lightweight Agent for Collaborative Distnbution Intrusion Detection System) presented in this paper is a distributed intrusion detection system with the ability of collaborative detection in real time. The hierarchy architecture of agents and the ability of collaborative detection in real time are evident characteristics of the LAFCDIDS. Lightweight agent and agent sensitivity are LAFCDIDS's new concepts, which can reduce the overload of protected system, shorten the period of intrusion detection, and are suitable for monitoring the distributed collaborating attacks.
文摘详细介绍了在Linux环境下基于规则的分布式网络入侵检测系统NetNumen.同现有的网络入侵检测系统相比,NetNumen将异常检测(检测包到达频度的异常)和特征检测(检测特定攻击和攻击工具的固有特征)有机地结合起来,对DoS(denial of service),DdoS(distributed denial of service)攻击的检测效果较现有方法有明显的改善.