| 入侵检测系统评估环境的设计与实现 |
| |
| 引用本文: | 蔡忠闽,孙国基,卫军胡,管晓宏.入侵检测系统评估环境的设计与实现[J].系统仿真学报,2002,14(3):377-380. |
| |
| 作者姓名: | 蔡忠闽 孙国基 卫军胡 管晓宏 |
| |
| 作者单位: | 西安交通大学系统工程研究所,西安,710049 |
| |
| 基金项目: | 国家杰出青年基金(6970025),国家教育部“行动计划”资助,国家863计划(2001AA140213)资助 |
| |
| 摘 要: | 入侵检测系统(IDS)的评估和开发都需要一个仿真网络环境。功能完整的IDS评估环境,不需经大的改动就可以直接用于IDS的测试开发,本文从IDS评估的角度,对这样的仿真网络环境进行了讨论,设计得到的评估环境也可用于IDS的开发过程。在给出IDS的性能指标之后,我们提出了IDS评估环境框架,并以该框架为基础,对评估环境中的网络流量仿真,主机使用仿真和网络攻击仿真等几个关键技术问题进行了深入研究,在文章的最后,给出了对我们单位开发的IDS进行测试的一些结果,测试在我们搭建的一个基本评估环境中进行。
|
| 关 键 词: | 入侵检测系统 网络安全 评估环境 设计 计算机仿真 计算机网络 |
| 文章编号: | 1004-731X(2002)03-0377-04 |
| 修稿时间: | 2001年9月11日 |
Design and Realization of Evaluation Environment for Intrusion Detection Systems |
| |
| CAI Zhong-min,SUN Guo-ji,WEI Jun-hu,GUAN Xiao-hong.Design and Realization of Evaluation Environment for Intrusion Detection Systems[J].Journal of System Simulation,2002,14(3):377-380. |
| |
| Authors: | CAI Zhong-min SUN Guo-ji WEI Jun-hu GUAN Xiao-hong |
| |
| Abstract: | Intrusion Detection System (IDS) plays a key role in defense-in-depth computer security architecture and is an important complement to the peripheral defense elements such as firewalls and authentication mechanisms. But due to the complexity in both its design and interactions with the deploying environment, an objective testing of IDS is very difficult. In this paper, we first propose a set of performance indexes for IDS evaluation. Then we present the architecture of a simulation environment to test intrusion detection systems automatically. Next, under the framework of this architecture, we discuss three key issues in the realization of such a testing environment: network traffic simulation, computer usage simulation and computer attack simulation. At the end, we give some testing results of an IDS developed by ourselves in a basic testing environment we built. |
| |
| Keywords: | network security intrusion detection evaluation simulation |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
