摘要
随着基于网络的服务的迅速增长,入侵检测系统的检测性能已变的越来越重要。为了提高入侵检测系统的检测率和降低其误报率,本文通过将网管系统和入侵检测系统相结合,提出了一种用于分布式入侵检测系统的层次化协作模型,提供集成化的检测、报告和响应功能。在检测引擎的实现上,使用了信息管理库(MIB)作为数据源,可有效检测流量为基础的攻击模式。应用结果表明,该模型可有效增强网络管理的安全性能,提高入侵检测系统的效率。
With the rapid growth of network-based services, the detection performance of intrusion detection system has become increasingly important. In order to improve the detection rate of intrusion detection system and reduce the false alarm rate, the paper through combining the network management system and intrusion detection systems to create a local, regional and global analysis of the three-layer intrusion detection model, and focuses on the detection agent on the basis of management information database (MIB), the results show that the model can effectively enhance the safety performance of network management and improve the efficiency of intrusion detection system.
出处
《电子设计工程》
2014年第1期165-167,共3页
Electronic Design Engineering
关键词
入侵检测
网络安全管理
入侵检测代理
MIB
intrusion detection
network security management
intrusion detection agent
MIB
