Date: 2018-07-15
Chapter 6: Intrusion Detection Technology
Chapter 6: Hybrid intrusion detection technology

6.1 Using multiple information sources
6.2 Using multiple detection methods

The hybrid intrusion detection technology discussed in this chapter falls into two main types. The first type uses a variety of information input sources, such as network data packets and host audit data, as its data sources; the DIDS system is the typical representative introduced here. The second type emphasizes combining several different kinds of intrusion detection methods, such as anomaly detection based on statistical analysis together with misuse detection based on expert-system rules; the IDES and NIDES systems are the well-known early representatives.

6.1 Using multiple information sources

Development of the DIDS system started in the early 1990s. In the course of the technology's development, it was the first attempt to integrate network intrusion detection and host intrusion detection technology.

6.1.1 Overall design

The target environment for the DIDS system design is a group of hosts connected via an Ethernet LAN, where the host systems meet the security audit requirements of the C2 level. The task of DIDS is to monitor the security status of each host in the network and to detect attack behavior against the LAN itself. The system architecture of DIDS is shown in Figure 6-1.

Figure 6-1 DIDS system architecture

As shown in Figure 6-1, because DIDS must detect host and network security status simultaneously, the system uses both network data and host audit data as its two data sources. The DIDS system mainly consists of 3 types of components: the host monitor, the local area network monitor (LAN monitor) and the central control console (director). The communication protocol of the early DIDS system is the ISO Common Management Information Protocol (CMIP). The protocol allows two-way communication between the console and each monitor component: the console can send query commands (such as "GET") to a monitor for relevant detailed information, a