| 基于TCP状态有限自动机的入侵检测研究 |
| |
| 引用本文: | 吴建胜,战学刚.基于TCP状态有限自动机的入侵检测研究[J].鞍山科技大学学报,2005,28(5):368-371. |
| |
| 作者姓名: | 吴建胜 战学刚 |
| |
| 作者单位: | 鞍山科技大学计算机科学与工程学院,辽宁鞍山114044 |
| |
| 摘 要: | 入侵检测是一种重要的信息安全防御技术.基于TCP状态有限自动机的入侵检测是一种异常检测方法,它能发现违背TCP状态有限自动机的行为.描述了TCP协议中正常的连接状态转换关系,构造了TCP状态有限自动杌,给出了基于TCP状态有限自动机的入侵检测实现.
|
| 关 键 词: | 网络安全 入侵检测 异常检测 状态自动机 |
| 文章编号: | 1672-4410(2005)05-0368-04 |
| 收稿时间: | 2005-02-28 |
| 修稿时间: | 2005年2月28日 |
Research of intrusion detection system based-on state automaton about TCP protocol |
| |
| WU Jian-sheng,ZHAN Xue-gang.Research of intrusion detection system based-on state automaton about TCP protocol[J].Journal of Anshan University of Science and Technology,2005,28(5):368-371. |
| |
| Authors: | WU Jian-sheng ZHAN Xue-gang |
| |
| Institution: | School of Computer Science and Engineering, Anshan University of Science and Technology,Anshan 114044,China |
| |
| Abstract: | Intrusion detection is one of the critical techniques in information assurance. The intrusion detection based-on state automation about TCP protocol, as a anomaly detection, can find the action against state automation about TCP protocol. The normal state transitions about TCP protocol were describled and the state automaton about TCP protocol was construted. Finally,the implement of the Intrusion Detection System based-on state automaton about TCP protocol was proposed. |
| |
| Keywords: | network security intrusion detection anomaly detection state automaton |
| 本文献已被 CNKI 维普 等数据库收录! |
