| Snort规则库的冲突检查 |
| |
| 引用本文: | 孙美凤,龚俭.Snort规则库的冲突检查[J].扬州大学学报(自然科学版),2006,9(2):53-56. |
| |
| 作者姓名: | 孙美凤 龚俭 |
| |
| 作者单位: | 1. 扬州大学,信息工程学院,江苏,扬州,225009;东南大学,计算机科学与工程系,南京,210096
2. 东南大学,计算机科学与工程系,南京,210096 |
| |
| 基金项目: | 国家自然科学基金资助项目(90104031) |
| |
| 摘 要: | 针对冲突是规则库不正确的一种表现形式,可能导致漏报和误报,对Snort规则库的冲突进行了研究.首先从一般意义上讨论了冲突的类型以及冲突检测的算法,给出了对Snort规则库的检查结果,最后分析了冲突的原因和可能的解决方法.
|
| 关 键 词: | 冲突 Snort规则 入侵检测系统 |
| 文章编号: | 1007-824X(2006)02-0053-04 |
| 收稿时间: | 2005-12-14 |
| 修稿时间: | 2005-12-14 |
Checking conflict for Snort intrusion rule |
| |
| SUN Mei-feng,GONG Jian.Checking conflict for Snort intrusion rule[J].Journal of Yangzhou University(Natural Science Edition),2006,9(2):53-56. |
| |
| Authors: | SUN Mei-feng GONG Jian |
| |
| Abstract: | The fact that input event matches more than one intrusion rule in IDS is considered as a conflict,the conflict potentially results in false positive and false negative,and moreover reduces detection efficiency.This paper discusses the kind of conflict and proposes an algorithm to detect the conflict;gives out the checking results for Snort rule;finally analyzes the possible reasons and solutions for the conflict. |
| |
| Keywords: | conflict Snort rule intrusion detection system |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
