[1]顾丽,李菲,乔佩利,等.Linux平台下网络入侵防御系统的研究与实现[J].哈尔滨理工大学学报,2009,(02):8-12.
 GU Li,LI Fei,QIAO Pei-li.Research and Implementation of Network Intrusion Prevention System under the Linux Platform[J].哈尔滨理工大学学报,2009,(02):8-12.
点击复制

Linux平台下网络入侵防御系统的研究与实现()
分享到:

《哈尔滨理工大学学报》[ISSN:1007-2683/CN:23-1404/N]

卷:
期数:
2009年02期
页码:
8-12
栏目:
计算机与控制工程
出版日期:
2009-04-25

文章信息/Info

Title:
Research and Implementation of Network Intrusion Prevention System under the Linux Platform
作者:
顾丽; 李菲; 乔佩利;
哈尔滨理工大学计算机科学与技术学院;
Author(s):
GU Li; LI Fei; QIAO Pei-li
School of Computer Science and Technology; Harbin University of Science of Technology; Harbin 150080; China
关键词:
入侵检测系统 防火墙 Netfilter Snort
Keywords:
intrusion detective system firewall netfilter Snort
分类号:
TP393.08
文献标志码:
A
摘要:
针对防火墙和入侵检测系统在网络安全防御上存在的缺陷,本文提出了一个在Linux平台下,基于两层防御机制的网络入侵防御系统.该系统扩展了网关防火墙的入侵检测功能,实现了网关防火墙对攻击的最初防御,增加了入侵检测系统Snort的联动响应功能,Snort对逃避了网关防火墙检测的复杂攻击进行再次防御.实验结果证明,两层防御机制对大规模的蠕虫攻击起到了实时抵制作用.
Abstract:
Focusing on the defects of the firewall and the intrusion detective system in network security prevention,the article proposed a network intrusion prevention system under the linux platform based on the two-level defense mechanism.The system explanded the intrusion detective function for the gateway firewall which could defend the attack at the first level,and increased the interaction with firewall for Snort so that Snort could defend the complex attack which had evaded the detection of the gateway firwall...

备注/Memo

备注/Memo:
【基金】 国家社会公益研究专项基金(2005DIB2J218)
更新日期/Last Update: 2009-09-16