| 一种高速网络下IDS溢出数据包的处理模型 |
| |
| 引用本文: | 刘本斌,杨天奇.一种高速网络下IDS溢出数据包的处理模型[J].成都信息工程学院学报,2006,21(2):252-255. |
| |
| 作者姓名: | 刘本斌 杨天奇 |
| |
| 作者单位: | 暨南大学信息技术学院计算机系,广东,广州,510632 |
| |
| 摘 要: | 对匹配规则和被检数据包,都分为实时在线检测部分和延时离线补检部分,来选择性地溢出一些不重要的包和规则,避免随机丢包。同时把这些溢出的包保存下来,待系统有多余处理能力时,再调出来检测。这样既避免了随机丢包造成的安全隐患,又在没有增加硬件的情况下,提升了系统的检测性能。
|
| 关 键 词: | 入侵检测 数据包溢出 及时分析 延时分析 |
| 文章编号: | 1671-1742(2006)02-0252-04 |
| 修稿时间: | 2005年6月21日 |
An analyzing model of overflowed datagram for high-speed networks |
| |
| LIU Ben-bin,YANG Tian-qi.An analyzing model of overflowed datagram for high-speed networks[J].Journal of Chengdu University of Information Technology,2006,21(2):252-255. |
| |
| Authors: | LIU Ben-bin YANG Tian-qi |
| |
| Abstract: | The matching rules and the analyzed datagram are both divided into the online detected part and the offline one.Some less important data can be selected to overflow deliberately in order to avoid the overflow of the important data at random.Simultaneously the overflowed data is stored in a file to be analyzed later.By this means not only the sneak pasted intrusive data is reduced but also the analyzing capability of the system is enhanced without upgrading the hardware. |
| |
| Keywords: | intrusion detection datagram overflow immediate analysis delayed analysis |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
