| 基于协议状态分析的入侵检测系统 |
| |
| 引用本文: | 王泽生,谢丰芝.基于协议状态分析的入侵检测系统[J].科技情报开发与经济,2007,17(12):233-235. |
| |
| 作者姓名: | 王泽生 谢丰芝 |
| |
| 作者单位: | 1. 南阳医专附院网络中心,河南南阳,473058
2. 南阳市唐河县人民医院网络中心,河南唐河,473400 |
| |
| 摘 要: | 提出了一种基于协议状态分析的入侵检测方法,不仅充分利用了协议的状态信息,而且考虑了相邻的数码包的内容状态,构造出协议状态序列,通过状态转换来检测入侵,有效地完成网络各层协议的分析,提高了检测的全面性、准确性和效率,实验结果表明是可行的。
|
| 关 键 词: | 协议状态分析 协议状态机 协议异常检测 |
| 文章编号: | 1005-6033(2007)12-0233-03 |
| 收稿时间: | 2006-12-12 |
| 修稿时间: | 2006年12月12 |
The Intrusion Detection System Based on the Protocol State Analysis |
| |
| WANG Ze-sheng,XIE Feng-zhi.The Intrusion Detection System Based on the Protocol State Analysis[J].Sci-Tech Information Development & Economy,2007,17(12):233-235. |
| |
| Authors: | WANG Ze-sheng XIE Feng-zhi |
| |
| Abstract: | This paper proposes an approach for the intrusion detection based on protocol state analysis, which not only makes full use of the protocol state information, but also considers the content state of the adjacent contextual packets, and constructs the state sequence of the protocol to detect the intrusion through the state transformation, fulfils the analysis effectively on the protocols at various layers of the network, enhances the completeness, accuracy and efficiency of the detection. The experimental results demonstrate that this approach is feasible. |
| |
| Keywords: | protocol state analysis protocol finite state machine protocol anomaly-based detection |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
