network-based ids 中文意思是什麼
network-based ids
解釋
網路的入侵檢測系統-
The ids of the paper is network - based anomaly detection system. with the help of data mining technology, we bring forward a measure to describe the normal state of the network traffic and user behavior and extracting the useful rule from large network data. so we can establish the knowledge warehouse which describe the normal state of the network traffic and user behavior. the knowledge warehouse can be the standard in order to judge the normal state. we can find the dubitable connections according to account the state and anomly instances of connections
論文在描述網路應用和用戶行為時採用數據挖掘技術從海量的網路數據中提取有用的規則,構建了一個描述正常狀態下的網路應用和用戶行為的規則集,這個規則集是用來判斷網路應用和用戶行為是否正常的標準,論文根據這個標準分析當前網路連接的異常情況,將可疑的連接找出來。 -
We do research on the transitions between states of network protocol, the protocol misusage detection model based on markov chain, the framework of the ids technology and protocol anormity after we discuss the current technology. the main research contents of this paper include : research on transitions between states of network protocol and session process, protocol misuage and the anomaly detection model based on markov chain, the research of intrusion detection framework, more accurately model based on the characteristic of the network traffic and so on
在分析了現有入侵檢測系統的基礎上,本文圍繞典型網路協議狀態轉換、基於馬爾可夫鏈的檢測模型、入侵檢測技術框架、以及協議異常等幾個方面展開深入研究,主要工作內容包括:典型網路協議轉換狀態的分析和會話過程的研究;基於馬爾可夫鏈的網路異常檢測模型;分散式的檢測架構;針對網路流量特徵而提出了精確的檢測模型等。 -
Then, the paper present a protocol misusage ids in application layer based on markov chain, and obtain the following results after test : the system can have good effection on detecting the probe packet, dos attack and novelty attack. the system can overcome part of disadvantages in traditional intrusion detection system, and adapt requirements with different network. the experiment shows that the system can improve the detection accuracy rate, reduce the false negatives probability
通過對檢測系統的測試分析,系統對掃描探測報文、 dos攻擊報文和新的攻擊報文等有較好的檢測率。基於馬爾可夫鏈建立的網路異常檢測系統可以克服傳統入侵檢測系統的部分缺陷,能夠適應不同網路環境的要求,同時也有效提高了系統的檢測能力和檢測效率,降低了誤報率。 -
Presently, the false alarm rate of most idss is high and their efficiency is low. aimed at these drawbacks of present idss, researches on ids models and neural network - based intrusion detection are presented in this paper
目前大多數入侵檢測系統誤警率較高,效率較低,為克服現有ids的不足,本文從入侵檢測模型、神經網路應用於入侵檢測等方面進行了研究。 -
Dmdids integrates host - based ids with network - based ids. it mainly comprises of hids, nids and a central manager
Dmdids主要包括基於主機的入侵檢測組件、基於網路的入侵檢測組件和中心管理器。 -
The first chapter surveys the state - of - the - art of intrusion detection and the related problems. the second chapter provides the details of intrusion detection techniques, in particularly, it introduces two concepts ( network - based ids ( nids ) and host - based ids ( hids ) ), and the distributed ids. besides, this chapter proposes three intrusion detection methods ( misuse detection, anomaly detection and integrality test ), and discusses the applications of the artificial neural network technology 、 expert system technology 、 and pattern reasoning technology in the ids
第二章討論入侵檢測技術基礎,介紹了基於網路的入侵檢測系統( ndis )和基於主機的入侵檢測系統( hdis )的概念,對分散式入侵檢測系統也進行了相關介紹;討論了三種入侵檢測辦法,包括誤用檢測( misusedetection ) 、異常檢測( anomalydetection )和完整性檢測,介紹了人工神經網路技術、專家系統技術以及模式推理技術在ids中的應用。 -
In this paper, the shortages and limitations of the perimeter firewall and current host firewall are analyzed, the current network attacks and the methods defending against them are analyzed and discussed, the strategies of the network security in the intranet are discussed, the scarcities of the current applications for the host firewall in the intranet are analyzed, a kind of intranet host firewall model based on the techniques of tcp / ip packets filter, vpn and ids is designed and discussed deeply
本文針對網路安全的現狀,分析了邊界防火墻及現有主機防火墻的不足之處;對現有黑客的網路攻擊手段與方法進行分析研究,並對防禦這些攻擊的方法進行了研究;對企業網的網路安全策略進行討論,分析了現有主機防火墻在企業網中應用的不足,並在此基礎上,結合包過濾、虛擬專用網、入侵檢測等防火墻技術,設計了一種企業網中的主機防火墻模型,並對這一模型進行了較深入地研究。 -
We design a component - based intrusion detection system, which has good distribute and scalable ability. it combine the network - based ids and host - based eds into a system, and provide detection, report and response together
論文中提出了一種基於部件的入侵檢測系統,這是將基於網路和基於主機和入侵檢測系統有機地結合地一起,提供集成化的檢測、報告和響應功能。 -
In this paper we analyzed the structure, function and characteristics of the private office network, discussed the primary threats to the office network security and common attack methods, based on the p2dr model, we distributed the office network security policy across three layers : network layer, system layer and application layer. the security principle, implement solution and the relationship among these three layers were illustrated in this paper, including physical access control, logical access control, vpn, data encryption, authentication, authorization, audit, ids ( intrusion detection systems ), system leak test and anti - virus protection
本文中將辦公網路的安全策略由下至上劃分為網路層、系統層和應用層三個層次,分別敘述了各個層次上的安全原則和實現方式,以及各層之間的相互關系,詳細介紹了物理控制、邏輯控制、 vpn與數據加密、用戶認證和授權、審計與入侵檢測、漏洞掃描及病毒防護等方面的策略和實現方式。 -
Moreover, introduces presen t technologies and methods on defending worm virus and junk mail based on honey technology. after accomplished 863 program ( integrated network security defensive system ), that the writer designs dynamic honey project. the introducing of coordination and interaction into design realizes the coordination control between distributive ids and ids, distributive firewall and firewall, distributive honeypot and honeypot
結合863計劃- - -網路集成化防衛系統,設計了動態的honey方案,在設計中引入了協同和聯動的概念,使整個系統中分散式ids和ids ,分散式firewall和firewall ,分散式honeypot和honeypot之間實現了協同控制;同時基於主機的ids 、 honeypot 、 firewall之間實現了聯動。 -
The integrated analyzing and sorting toward ids data, the accurate forecasting of the intruders and common visitors etc, all come down to the multiple data conformity disposal. therefore, it is vitally important to develop a perfect nonlinear conformity disposal method. however, some favorable characters of ann can content these ids working demands perfectly, in additon, the capability of nonlinear mapping of ann also make sure that the system can execute simple or complex classification and save the information into the coefficent of connecting power, maintain the network robust and fault toleration. so more and more people alter one after another their working focus to the nonlinear mathematic model based on the ann in order to resolve the complex problems in ids system much better
入侵檢測工作屬于分類識別問題,其中存在著大量的非線性問題,對入侵檢測資料進行綜合分析與分類,準確判別惡意訪問和正常訪問等都涉及到多資料的整合處理,因此研製理想的非線性整合處理方法是非常必要的,而神經網路由於其內在的對不確定性的學習與適應能力,恰好能滿足入侵檢測工作分類識別的需求,另外神經網路的非線性映射能力也是保證其成功實現各種簡單或復雜分類的主要原因,它將信息分散式存儲于連結權系數中,使網路具有較高的容錯性和魯棒性。 -
We design a cve - based intrusion detection expert system rule base, it combine the network - based ids and host - based ids into a system, and provide detection, report and response together
本文提出一種基於cve標準建立的入侵檢測專家系統規則庫,該入侵檢測專家系統是基於網路和主機的混合結合體,提供集成化的檢測、報告和響應功能。 -
This system has good distribute and scalable ability. it can combine the network - based ids and host - based ids into a system, and can provide an integration environment for detection, report and response
該系統具有良好的分佈性和擴展性,它可以將基於網路和基於主機的入侵檢測系統有機地結合在一起,提供集成化的檢測、報告和響應功能。 -
Based on the study on the problem of pure network defense technology, this paper puts forward a kind of new network security technology ? ids
本文在分析了單純的網路防護技術存在著問題基礎之上,闡述了一種新的網路安全技術? ?入侵檢測。 -
In the implement of the network engine, the combination of network protocol analysis and pattern match technology is used so that the scope to search is reduced. the foundation of cve - based intrusion detection system rule base gives the update of the ids rule base reliable foundation. we put forward a new form of rule syntax
以cve標準為建立入侵檢測專家系統規則庫的基準,使得入侵檢測專家系統規則庫升級有了可靠的國際權威標準可以依據,採用基於snort的規則描述語言,這種描述方法簡單、易於實現,能夠描述絕大多數的入侵行為,而且可以及時針對最新的漏洞升級規則。 -
Based on the analysis of the working principle of snort and some of its source codes, it introduces the structure of snort ' s rule database, how to generate rule trees and analyzes the processes of information collecting, parsing and rule matching after exploring the existing software and hardware technology, it puts forward an embedded ids design model based on ixp2400 network processors and describes the design scheme in detail
Snort是一個輕量級的nids系統,在嵌入式ids系統中的數據包分析檢測部份,擬借鑒它的部份原理和技術。基於對它工作原理及部份源碼的分析,本文介紹了snort的規則庫的結構、規則樹生成方法,分析了其信息收集、解析和規則匹配過程。 -
Aiming at the shortage of intrusion detection system in existence, the idea of distributed intrusion detection system based on multisensor information fusion technology is put forward in this paper, that is cyber - ids. traditional ids, which consist of host - based ids and network - based ids, are limited only to safeguard single host system or network system, the resources and scopes to be protected are localized very much
傳統ids包括主機ids和網路ids ,僅限於保護單一主機系統或網路系統,保護的資源和范圍都很有局限,而現有的分散式入侵檢測系統對異構系統及大規模網路的監測明顯不足,加之不同的ids系統之間不能協同工作,無法相互配合,取長補短。 -
According to the means of detection intrusion, ids can be divided into signature - based detection and anomaly detection, signature based ids also is called misuse ids. according its deployment and data source, ids also is divided into network based and host based detection
它從檢測入侵所使用的分析技術來說可分為基於異常行為的入侵檢測和基於特徵的入侵檢測(也叫誤用檢測) ;而從數據來源及配置上又可分為基於主機的入侵檢測系統和基於網路的入侵檢測系統。 -
In the first section of paper, it analyzes condition of network security at present, studies technologies of ids ( anomaly - based and misused - based ) and introduces criterion and classification of ids, gives examples of each representative systems and their merits and shortcomings
本論文主要陳述了當前網路安全的現狀和各種攻擊方式。介紹入侵檢測的標準及分類,分析了其採用的技術(基於異常和基於誤用) ,介紹了各自的典型系統和優缺點。 -
Whether propose kinds of invasion detection system not based on part this text, have good distribution performance of and can expanding. it combine the network - based ids and host - based eds into a system, and provide detection, report and respone together
本文提出一種基於部件的入侵檢測系統,具有良好的分佈性能和可擴展性。他將基於網路和基於主機的入侵檢測系統有機地結合在一起,提供集成化的檢測、報告和響應功能。
分享友人