| 网络入侵检测的快速规则匹配算法 |
| |
| 引用本文: | 刘评,汤志国,于海峰. 网络入侵检测的快速规则匹配算法[J]. 海军工程大学学报, 2004, 16(5): 71-73 |
| |
| 作者姓名: | 刘评 汤志国 于海峰 |
| |
| 作者单位: | 北京系统工程研究所,北京,100101 |
| |
| 摘 要: | 在分析入侵检测系统的基础上,指出现有规则匹配算法的不足.提出一种新的规则匹配算法,该算法主要利用非精确匹配技术,缩小入侵分类的检测范围,达到快速匹配的目的.根据不同的安全性要求设置不同的门限值,该算法可用于预测适合不同门限值的可疑入侵行为.
|
| 关 键 词: | 入侵检测 网络安全 快速规则匹配 |
| 文章编号: | 1009-3486(2004)05-0071-03 |
| 修稿时间: | 2004-05-17 |
A fast rule-matching algorithm in network intrusion detection |
| |
| LIU Ping,TANG Zhi-guo,YU Hai-feng. A fast rule-matching algorithm in network intrusion detection[J]. Journal of Naval University of Engineering, 2004, 16(5): 71-73 |
| |
| Authors: | LIU Ping TANG Zhi-guo YU Hai-feng |
| |
| Abstract: | Based on the analysis of network intrusion detection systems, this paper points out the shortage of existing rule-matching algorithms, and then puts forward a new fast rule-matching algorithm. This algorithm is fast and effective because it uses the fuzzy matching method, and reduces the ranges of intrusion classes. In addition, such algorithm can be used to identify the suspicious intrusion behavior according to the different threshold that is set up based on various security levels. |
| |
| Keywords: | intrusion detection network security fast rule-matching |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
