| 基于网络的入侵检测系统的感应器组件 |
| |
| 引用本文: | 曹元大,岳治宇,张海勇.基于网络的入侵检测系统的感应器组件[J].北京理工大学学报,2002,22(5):615-617. |
| |
| 作者姓名: | 曹元大 岳治宇 张海勇 |
| |
| 作者单位: | 1. 北京理工大学,计算机科学与工程系,北京,100081;2. 北京工业大学,计算机系,北京,100022 |
| |
| 摘 要: | 从简化入侵检测系统的构造出发,设计和实现了一个基于网络的入侵检测系统的感应器组件.该组件提供了较为全面的功能,包括采集网络数据、IP重组、TCP层重组和基于多种应用层协议的数据还原.该组件具有灵活的模块化结构,提供了很好的复用性和扩展性,并实现了自定义加载的功能.用户可以根据实际需求定制组件的大小,或者添加自定义的模块到组件中.
|
| 关 键 词: | 入侵检测系统 感应器 数据采集 IP重组 |
| 文章编号: | 1001-0645(2002)05-0615-03 |
| 收稿时间: | 2001/9/29 0:00:00 |
A Sensor Component for Network-Based Intrusion Detection System |
| |
| CAO Yuan-d,YUE Zhi-yu and ZHANG Hai-yong.A Sensor Component for Network-Based Intrusion Detection System[J].Journal of Beijing Institute of Technology(Natural Science Edition),2002,22(5):615-617. |
| |
| Authors: | CAO Yuan-d YUE Zhi-yu and ZHANG Hai-yong |
| |
| Institution: | CAO Yuan-da 1,YUE Zhi-yu 1,ZHANG Hai-yong 2 |
| |
| Abstract: | To simplify the construction of an intrusion detection system, a sensor component for network-based intrusion detection system is designed and implemented. This component can be used to grasp data packet from network, to reconstruct the IP packet, to reestablish the TCP layer data flow and to restore data of application layer. Based on the module designing method, the component is highly reusable and expandable. With the support of "loading according to configuration" mechanism, users can readily add to or remove a module from this component. This mechanism enables users to customize the component on the demand of specified requirements so as to make the system more efficient. |
| |
| Keywords: | intrusion detection system sensor data gathering IP assembling |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《北京理工大学学报》浏览原始摘要信息 |
| 点击此处可从《北京理工大学学报》下载免费的PDF全文 |
|
