| 基于协议分析状态机的入侵检测系统 |
| |
| 引用本文: | 蔡罡,冯辉宗.基于协议分析状态机的入侵检测系统[J].重庆邮电学院学报(自然科学版),2005,17(1):97-101. |
| |
| 作者姓名: | 蔡罡 冯辉宗 |
| |
| 作者单位: | [1]重庆大学计算机学院,重庆400030 [2]重庆大学计算机学院,重庆400030//重庆邮电学院,重庆400065 |
| |
| 基金项目: | 科技部创新项目(01C26225110726) |
| |
| 摘 要: | 协议分析状态机是提高协议分析正确性的重要保证。将其应用于入侵检测系统是一个新的研究应用方向。协议的形式化描述工具有穷状态自动机、通信有限状态自动机。在此基础上重点讨论了使用协议状态机分析入侵事件的相关算法及流程,设计了基于协议分析状态机的入侵检测系统的总体框架,提出了该状态机的面向对象的模型,使该系统具有良好的可扩展性和通用性。测试结果验证了这一思想的正确性和有效性。
|
| 关 键 词: | 协议分析 有穷状态自动机 通信有穷状态自动机 入侵检测系统 |
Intrusion detection system based on protocol analying state machine |
| |
| CAI Gang,FENG Hui-zong.Intrusion detection system based on protocol analying state machine[J].Journal of Chongqing University of Posts and Telecommunications(Natural Sciences Edition),2005,17(1):97-101. |
| |
| Authors: | CAI Gang FENG Hui-zong |
| |
| Institution: | CAI Gang~1,FENG Hui-zong~ |
| |
| Abstract: | Protocol analyzing finite state machine plays a very important role in guaranteeing the correctness of protocol analyzing. Protocol analyzing finite state machine is a new concept in intrusion detection system.In this paper,the authors try to apply protocol analyzing finite state machine to routing intrusion detection system.Authors show the formal models for protocol specifications: finite state machine and communicating finite state machine. And the authors also review the work on intrusion detection system based on protocol analyzing finite state machine on these models,analyse the problems and also show the implementation of intrusion detection system based on protocol analyzing finite state machine. And the authors also introduce, a protocol analyzing finite state machine architecture and analyse the experimental results of the intrusion detection system based on protocol analyzing finite state machine. |
| |
| Keywords: | protocol analyzing finite state machine communication finite state machine intrution detection system |
| 本文献已被 CNKI 维普 等数据库收录! |
