入侵检测的分析方法 •误用检测 :误用检测又称为特征检测(Signature-based Detection),它将已知的入侵活动用一种模式来表示,形成网络攻击特征库,或称为网络攻击规则库。
基于36个网页-相关网页
... 状态模式检测(Stateful Detection) 攻击特征数据库模式检测(Signature-based Detection) 缓冲区溢出检测(Buffer-overflow Detection) ...
基于6个网页-相关网页
signature-based intrusion detection 基于特征的入侵检测
signature-based intrusion detection system 基于特征的入侵检测系统
Worth noting, however, is that many IPS sensors use signature-based detection, meaning that attacks are added to a database as they are discovered.
但是,值得牢记的是,许多IPS嗅探器使用基于特征码的检测方法,这意味着当攻击被发现的时候才能被加入到数据库中。
Many of current IDSes implement only signature-based intrusion detection which gives them less false positive but with a unbearable false negative.
当前大多数IDS系统仅采用基于特征的检测以减少误报,然而这会造成不可忍受的漏报问题。
For intrusion pattern based signature detection, an improved quick multi-pattern matching algorithm is adopted, which can search for multiple patterns by scanning the packet once.
对基于入侵模式的特征,采用了一种改进的快速多模式匹配算法可以一次在包的负载中查找多个入侵模式。
应用推荐