在协议分析的基础上,采用IP数据包分片重组、TCP数据流还原等技术,降低漏报率,减少误报率。
On the base of protocol analysis, the system USES the technology of the fragment reassembly of IP packet, TCP data flow reverting, etc. It reduces leak and mistake alert of the intrusion.
网闸所采用的技术包括数据分片重组、协议转化、密码学、入侵检测、病毒以及关键字过滤、身份验证及审核等。
The technology adopted include categories of data fragment reassembly, protocol conversion, cryptography, intrusion detection, virus, and keyword filtering, authentication and audit and so on.
研究了IP碎片攻击的原理,重新实现了对IP分片重组的代码,杜绝了针对网络应用监控系统的 分片攻击。
It has study the principle that IP chip attack and has realized dividing one slice of codes recombinated to IP again, have prevented to attack to each of the monitoring system of network application.
传统的协议还原技术有很多的的不足之处,很多工具和开发包提供IP分片重组、TCP流重组以及应用层协议重组。
Some tools and network development kits provide the IP fragments reorganization, TCP flow restructuring, and the application layer protocol reassembling.
分片和重组的代价非常高,并且尽管仅由中间路由器执行这项任务,但是它对吞吐量有很大的影响。
Fragmentation and reassembly are a costly affair and, though this is performed only by intermediate routers, it has severe impact on throughput.
分片和重组。
分片和重组。
应用推荐