We also redesigned and implemented the alert module, which converts alerts into the standard IDMEF format so that it can be easily integrated into a distributed intrusion detection system.
The system consists mainly of four modules: a data collection module, a syslog analysis module, an intrusion detection module, and a user interface module.
Performance analysis and experimental results show that the improved detection system is scalable, dispatches packets reasonably, and makes full use of the resources of the intrusion detection modules.
The paper also describes the overall architecture and deployment of the intrusion detection system and the structural design of each of its component modules.
In this paper, an intelligent intrusion detection system is an IDS that incorporates a network session module and an ANN detection engine.
The analysis module applies several techniques in combination to the collected data to detect intrusions, including protocol analysis, expert systems, application-layer data reconstruction, and intrusion detection.
This paper first gives a fairly systematic introduction to the definition, importance, and methods of intrusion detection, then systematically presents the design and testing of each functional module of the distributed detection system, and finally proposes some ideas for future research.
The intrusion detection module analyzes the packets received from the network packet capture module against the network intrusion rule base and passes the results to the system management module.
It is therefore essential to apply alert correlation methods to develop a coordination module for the intrusion detection system, to produce clear descriptions of the attack process by analyzing correlated alerts, and to reduce the number of false alerts and improve detection efficiency by generating aggregated alerts.
Following software engineering principles, the whole development process adopted a modular design approach and a parallel development strategy, resulting in an experimental intrusion detection system.
It is an important part of the whole network intrusion detection system and the basis for the design of the response module, to which it supplies the necessary data.
The design rationale, system structure, and components of the system architecture are presented, and the intrusion detection method, response decision-making, and response implementation submodules are designed in detail.
Finally, each functional module of the model is designed and analyzed, and the design and configuration of a simple distributed cooperative intrusion detection system are given.