We also redesigned and implemented the alert module, which converts alerts into the standard IDMEF format so that it can be conveniently integrated into a distributed intrusion detection system.
The system consists mainly of four modules: a data collection module, a syslog analysis module, an intrusion detection module, and a user interface module.
Performance analysis and experiments demonstrate that the model is scalable, dispatches packets reasonably, and uses the intrusion detection system's resources effectively.