Cite this article: ZHANG Quan, ZHANG Senqiang, GAO Feng. Distributed Intrusion Detection System (DIDS)[J]. Journal of National University of Defense Technology, 2001, 23(5): 98-102.
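Distributed Intrusion Detection System (DIDS)
ZHANG Quan, ZHANG Senqiang, GAO Feng
(College of Electronic Science and Engineering, National University of Defense Technology, Changsha, Hunan 410073)

Abstract:
This paper introduces the operating principles of network attack detection systems (IDS) and analyzes the advantages and disadvantages of IDS. To address the problems of traditional IDS, it proposes the concept of a distributed IDS (DIDS) and compares the design goals of DIDS with the performance of some current IDS products. Finally, it describes the concrete design approach of DIDS in detail from five aspects: functional module design, acquisition and updating of attack signatures, improving the speed of attack detection and reaction, correlation analysis of attack behavior, and more proactive reaction strategies, providing a feasible solution for further improving the performance of network attack detection systems.
Keywords: IDS/DIDS; distributed detection and analysis; centralized management and maintenance
Received: 2001-03-17
Funding: Supported by the National 863 Fund project (863-307-7-5)
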
Distributed Intrusion Detection System (DIDS)
ZHANG Quan, ZHANG Senqiang, GAO Feng
(College of Electronic Science and Engineering, National Univ. of Defense Technology, Changsha 410073, China)

Abstract:
The principle of the intrusion detection system (IDS) is introduced, and its advantages and disadvantages are analyzed. Hence, we put forward the concept of Distributed IDS (DIDS), comparing its design goals with the performance of some IDS products. Finally, the design of DIDS is discussed in detail with regard to functional module design, the acquisition and update of attack characteristics, the improvement of attack detection and reaction speed, correlated attack analysis, and a more active reaction policy.
Keywords: IDS/DIDS; distributed detection analysis; centralized management and maintenance