摘要
随着计算机网络的发展,网络安全已成为现代计算机系统的一个重要研究课题,入侵检测技术是实现网络安全的主要技术之一。Linuxshell广泛应用于网络安全领域,出现了基于脚本的入侵检测技术。入侵检测数据之间具有耦合性、关联性和复杂性,只对单个日志进行分析的常规脚本检测容易导致漏报。基于Linux操作系统,采取联系分析的方法对黑客入侵特征进行检测,并运用一个脚本程序对这个方案进行了实验和分析。
With the rapid expansion of computer networks during the past few years, security has become a crucial issue for modern computer systems, and intrusion detection is an important security technology. Linux shell is widely used in the network security field including intrusion detection system. There is some relationship between the data for detection, so the normal shell which only checks a log may fail to report intrusion information. The paper uses a relation analysis method to detect hacker intrusion signatures, and gives a shell program on Linux to experiment and analyze the subject.
出处
《桂林电子工业学院学报》
2003年第6期18-21,共4页
Journal of Guilin Institute of Electronic Technology
基金
广西教育厅基金项目(D200126)
