摘要
针对防火墙和入侵检测技术在网络安全防御上存在的缺陷,提出了一种融合式入侵防御系统。该系统通过增加入侵检测系统的联动响应插件,扩展防火墙动态加入过滤规则的功能,实现了两者的紧密结合。详细介绍了系统的结构、工作流程以及融合策略的具体实现,并给出了攻击实验。实验结果证明该防御系统对大规模的蠕虫攻击起到了实时抵制作用。
Focusing on the defects of the firewall and the intrusion detective system in network security prevention, this article proposed an integrated intrusion prevention system. The system added the linked response plug for intrusion detection system, expanded dynamic adding filtering rules of firewall, and achieved the close integration of the two techonologies. The paper detailed on the system structure, work processes, and the specific implementation of the integrated strategies, and also described an attack experiment. The experiment proved that the system had resisted the large-scale worm attack in real time.
出处
《信息技术》
2007年第12期151-154,共4页
Information Technology
