本文探讨了入侵检测系统(IDS)中的关键技术和探针技术。随着安全事件频发,手动响应攻击已不再可行。文章概述了多种IDS技术,包括统计模型、免疫系统方法、协议验证等,并分析了这些技术在检测异常行为和滥用行为中的应用。
PDF : Click Here To Download
Abstract
Recent security incidents and analysis have demonstrated that manual response to such attacks is no longer feasible. Intrusion Detection systems offer techniques for modelling and recognising normal and abusive system behaviour. Such methodologies include: statistical models, immune system approaches, protocol verification, file and taint checking, neural networks, whitelisting, expression matching, state transition analysis, dedicated languages, genetic algorithms and burglar alarms. This paper describes these techniques including an IDS architectural outline and an analysis of IDS probe techniques finishing with a summary of associated technologies.
Keywords: Intrusion detection, probe technique, scanning, anomaly detection, misuse detection,
modeling technique, honeynet, worm/virus attack
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
