| 分布式入侵检测系统数据采集器的设计 |
| |
| 引用本文: | 朱浩,陆建新,郑国平,马海英. 分布式入侵检测系统数据采集器的设计[J]. 南通大学学报(自然科学版), 2007, 6(2): 78-81 |
| |
| 作者姓名: | 朱浩 陆建新 郑国平 马海英 |
| |
| 作者单位: | 南通大学,计算机科学与技术学院,江苏,南通,226019;南通大学,计算机科学与技术学院,江苏,南通,226019;南通大学,计算机科学与技术学院,江苏,南通,226019;南通大学,计算机科学与技术学院,江苏,南通,226019 |
| |
| 基金项目: | 南通大学校科研和教改项目 |
| |
| 摘 要: | 文章采用面向对象的思想设计数据采集器,其可扩展性好,可动态加载.在分布式入侵检测系统ADIDS中,实现了基于Libpcap的数据采集器Netpcap.试验表明:它能有效地从网络接口采集数据,通过TCP/IP协议分析检测出针对协议的攻击,并能实时向检测Agent提供数据.
|
| 关 键 词: | 数据采集器 代理 入侵检测系统 |
| 文章编号: | 1673-2340(2007)02-0078-04 |
| 修稿时间: | 2006-09-29 |
Implement of Data Collector in Distributed Intrusion Detection System |
| |
| ZHU Hao,LU Jian-xin,ZHENG Guo-ping,MA Hai-ying. Implement of Data Collector in Distributed Intrusion Detection System[J]. Journal of Nantong University (Natural Science Edition), 2007, 6(2): 78-81 |
| |
| Authors: | ZHU Hao LU Jian-xin ZHENG Guo-ping MA Hai-ying |
| |
| Affiliation: | School of Computer Science, Nantong University, Nantong 226019, China |
| |
| Abstract: | This paper presents the agent-based distributed intrusion detection system model-ADIDS,in which data collectors receive request of filter mode from detective agents,decide the range of detection and preprocess data collected,then send data that have preprocessed to detective agents.In this paper data collectors are designed with object-oriented thought,and so data collectors possess characteristic of expansibility and dynamic loading.The paper implements a libpcap-based data collector named netcap in the prototype system of ADIDS.The experiment shows that netcap can collect data from interface of network,detect intrusion aimed at protocol through analysis of TCP/IP,and provide detective agents with data in time. |
| |
| Keywords: | data collector agent IDS |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
