| 一种基于自治域的协同入侵检测与防御机制 |
| |
| 引用本文: | 韩宗芬,陶智飞,杨思睿,邹德清.一种基于自治域的协同入侵检测与防御机制[J].华中科技大学学报(自然科学版),2006,34(12):53-55. |
| |
| 作者姓名: | 韩宗芬 陶智飞 杨思睿 邹德清 |
| |
| 作者单位: | 华中科技大学,集群与网格计算湖北省重点实验室,湖北,武汉,430074;华中科技大学,集群与网格计算湖北省重点实验室,湖北,武汉,430074;华中科技大学,集群与网格计算湖北省重点实验室,湖北,武汉,430074;华中科技大学,集群与网格计算湖北省重点实验室,湖北,武汉,430074 |
| |
| 基金项目: | 国家自然科学基金;高等学校博士学科点专项科研项目 |
| |
| 摘 要: | 针对日益严重的大规模网络攻击,提出一种基于自治域的协同入侵检测与防御机制,将受保护网络划分为具有层次结构的安全自治域,在自治域内采用对等结构(P2P)进行分布式检测和防御,同时通过安全策略描述协同关系、控制安全域内和域间的协同检测防御,将协同范围限制在与攻击相关的网络区域内,避免不必要的大范围协同通信,降低协同检测和防御带来的网络开销.模拟测试表明,该机制有效实现了协同通信延迟和通信负载的平衡.
|
| 关 键 词: | 网络安全 安全自治域 协同检测 对等结构 |
| 文章编号: | 1671-4512(2006)12-0053-03 |
| 收稿时间: | 2005-12-07 |
| 修稿时间: | 2005年12月7日 |
Cooperative intrusion protection based on security zone |
| |
| Han Zongfen,Tao Zhifei,Yang Sirui,Zou Deqing.Cooperative intrusion protection based on security zone[J].JOURNAL OF HUAZHONG UNIVERSITY OF SCIENCE AND TECHNOLOGY.NATURE SCIENCE,2006,34(12):53-55. |
| |
| Authors: | Han Zongfen Tao Zhifei Yang Sirui Zou Deqing |
| |
| Abstract: | This paper presents a novel cooperative intrusion protection mechanism based on security zone to detect and prevent the mass attacks on the network. It adopted a mixed architecture, which contains both hierarchy structure and P2P structure, by dividing the network into a lots of security zones, so that it can scale easily to protect a very large network. The cooperation during the detection and response is controlled by security policy, so that redundant communication aroused by unwanted cooperation is suppressed and the cost is reduced. The simulation under NS2 shows that it makes a proper balance between the cooperation time lag and communication cost. |
| |
| Keywords: | network security security zone cooperative detection peer to peer |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
