摘要
针对目前防火墙和网络入侵检测系统在网络安全体系中存在的不足 ,提出了一个基于防火墙和网络入侵检测联动系统的框架模型 ,它有效克服了传统入侵检测系统不能实现主动控制的缺陷和防火墙规则配置的复杂性等问题。最后 ,从实现的角度 ,给出了整个联动系统的详细解决方案———采用基于连接检测的包过滤防火墙和基于状态转换分析的网络入侵检测系统相结合。
This paper proposes a new framework model of firewalls and network intrusion detection linkage systems after its weakness in network security systems is taken into consideration, which efficiently overcomes the difficulty of the traditional NIDS in the active access control and complexity of firewalls rule distribution. At last, this paper gives a detailed solution about the linkage systems——an efficient package filter firewall based on connecting analysis and an NIDS based on state transferring analysis. It not only raises detection speed and detecting veracity but also decreases false alert rate.
出处
《航空计算技术》
2003年第3期124-128,共5页
Aeronautical Computing Technique
