| 协议分析的模式匹配模型在Snort系统中的应用 |
| |
| 引用本文: | 汪世义,黄志东.协议分析的模式匹配模型在Snort系统中的应用[J].湖州师范学院学报,2005,27(2):102-105. |
| |
| 作者姓名: | 汪世义 黄志东 |
| |
| 作者单位: | 1. 巢湖学院,数学系,安徽,巢湖,238000
2. 新密教师进修学校,河南,新密,452370 |
| |
| 摘 要: | 入侵检测是网络安全中一个新兴的、快速发展的并且极为重要的领域.它和防火墙技术、防病毒技术一起构筑起了网络的安全防线.模式匹配技术是入侵检测系统中常用的分析方法,随着网络流量的不断增大,单一使用这种检测方法还存在一些难以适应高速网络入侵检测的准确性和实时性要求的问题.基于此分析了模式匹配技术的缺陷;引入一种新的、有效的检测方法,即协议分析技术,提出了基于协议分析的模式匹配模型及其在Snort系统中的实现;对应用结果进行分析,指出基于协议分析和模式匹配技术相结合的方案能提高入侵检测系统检测的效率和准确率.
|
| 关 键 词: | 协议分析 模式匹配 入侵检测系统 |
| 文章编号: | 1009-1734(2005)02-0102-04 |
| 修稿时间: | 2005年2月11日 |
The Application of a Pattern Matching Model Based on Protocol Analysis in Snort System |
| |
| WANG Shi-yi,HUANG Zhi-dong.The Application of a Pattern Matching Model Based on Protocol Analysis in Snort System[J].Journal of Huzhou Teachers College,2005,27(2):102-105. |
| |
| Authors: | WANG Shi-yi HUANG Zhi-dong |
| |
| Institution: | WANG Shiyi~ |
| |
| Abstract: | Intrusion detection is a rising,fastdeveloping and very important field in network security.It protects internal network together with firewall and antivirus tools.Pattern matching algorithms are commonly used in the intrusion detection system,and with the highspeed network development,the only pattern matching is not enough to achieve the target of veracity and realtime.This paper first analyzes the limitation of pattern matching technique,and then introduces an effective detection method called protocol analysis.It gives a model of pattern matching based on protocol analysis which is carried out in Snort system,and finally analyzes the result of implementation,and at the same time points out that protocol analysis combined with pattern matching is one of the most advantageous areas of the network intrusion detection system. |
| |
| Keywords: | protocol analysis pattern matching intrusion detection system |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
