Computer Engineering and Applications ›› 2009, Vol. 45 ›› Issue (9): 88-91. DOI: 10.3778/j.issn.1002-8331.2009.09.025

• Network, Communication, Security •

Complete rule base of intrusion prevention system

WANG Jie, ZHENG Xiao, LIU Ya-bin

  1. School of Electrical Engineering, Zhengzhou University, Zhengzhou 450001, China
  • Received: 2008-09-08  Revised: 2008-11-19  Online: 2009-03-21  Published: 2009-03-21
  • Corresponding author: WANG Jie


Abstract: The rule base of a current intrusion prevention system (IPS) keeps growing yet can never be made complete. To address this, the paper proposes a system for completing the rule base. Network operations are decomposed and the resulting data are mined to obtain the smallest basic units of a language that describes network behaviour (network behaviour description DNA). The Teiresias algorithm then combines these units exhaustively to compute new behaviour descriptions. After a feasibility check, each feasible description is matched against the existing rule base and risk-assessed, and a new defence rule is generated from it, so that the IPS rule base becomes complete.

Key words: intrusion prevention, rule base, completion, network behaviour description DNA, Teiresias algorithm
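The pipeline the abstract sketches (behaviour tokens, exhaustive pattern combination, feasibility check, rule-base matching, risk assessment, new rule) as a small runnable illustration. This is an added example, not code from the paper: the session data, the existing rule base, the per-token risk weights and the block threshold are all constructed here, and the pattern search is a brute-force enumeration of Teiresias-style <L,W> patterns (at least L literal tokens within a window of at most W positions, first and last position literal, support at least K sequences, maximal when no more specific pattern has the same support), not the real Teiresias scanning and convolution phases.

```python
"""Toy version of the rule-base completion pipeline (added illustration).

behaviour "DNA" tokens -> <L,W> pattern discovery with support K
-> feasibility filter -> match against the rule base -> risk score
-> candidate new rules.  Everything below is constructed sample data.
"""
from itertools import combinations

WILD = "."

# Constructed sessions: each is a sequence of minimal behaviour tokens.
SESSIONS = [
    ["SYN", "SYNACK", "ACK", "HTTP_GET", "HTTP_200", "FIN"],
    ["SYN", "SYNACK", "ACK", "HTTP_GET", "HTTP_404", "FIN"],
    ["SYN", "SYNACK", "ACK", "HTTP_POST", "HTTP_500", "RST"],
    ["SYN", "SYNACK", "ACK", "HTTP_POST", "HTTP_500", "RST"],
    ["SYN", "SYN", "SYN", "SYN", "RST"],
    ["SYN", "SYN", "SYN", "SYN", "SYN"],
]

# Constructed rule base: patterns the IPS already knows (a SYN-flood rule).
RULE_BASE = {("SYN", "SYN", "SYN", "SYN")}

# Constructed risk weights per token and a made-up blocking threshold.
RISK = {"HTTP_500": 3, "RST": 2, "HTTP_404": 1}
BLOCK_THRESHOLD = 4


def matches_at(pattern, seq, off):
    """True if pattern matches seq starting at offset off ('.' matches any token)."""
    return all(p == WILD or p == seq[off + i] for i, p in enumerate(pattern))


def support(pattern, sessions):
    """Number of sessions in which the pattern occurs at least once."""
    n = len(pattern)
    return sum(any(matches_at(pattern, s, o) for o in range(len(s) - n + 1))
               for s in sessions)


def enumerate_patterns(sessions, L, W):
    """Every pattern of length L..W seen in the data with first and last
    position literal and any subset of the inner positions kept literal,
    so that each pattern has at least L literal tokens (simplified <L,W>)."""
    found = set()
    for s in sessions:
        for w in range(L, W + 1):
            for off in range(len(s) - w + 1):
                window = s[off:off + w]
                inner = range(1, w - 1)
                for k in range(max(0, L - 2), len(inner) + 1):
                    for keep in combinations(inner, k):
                        found.add(tuple(t if (i in (0, w - 1) or i in keep) else WILD
                                        for i, t in enumerate(window)))
    return found


def generalizes(q, p):
    """True if q is obtained from p by trimming its ends and/or replacing
    literals with wildcards, i.e. p is at least as specific as q."""
    if len(q) > len(p):
        return False
    return any(all(q[i] == WILD or q[i] == p[o + i] for i in range(len(q)))
               for o in range(len(p) - len(q) + 1))


def discover(sessions, L, W, K):
    """Maximal patterns with support >= K, most frequent first."""
    freq = {p: support(p, sessions) for p in enumerate_patterns(sessions, L, W)}
    freq = {p: s for p, s in freq.items() if s >= K}
    maximal = [(p, sp) for p, sp in freq.items()
               if not any(q != p and sq == sp and generalizes(p, q)
                          for q, sq in freq.items())]
    return sorted(maximal, key=lambda x: (-x[1], x[0]))


def risk_score(pattern):
    return sum(RISK.get(t, 0) for t in pattern)


def propose_rules(sessions, rule_base, L=2, W=4, K=2):
    """Discovered patterns that no existing rule already covers and that carry
    risk (the constructed feasibility criterion), with a suggested action."""
    proposals = []
    for pat, sup in discover(sessions, L, W, K):
        if any(generalizes(rule, pat) for rule in rule_base):
            continue                      # already covered by the rule base
        risk = risk_score(pat)
        if risk == 0:
            continue                      # benign behaviour: no defensive value
        action = "block" if risk >= BLOCK_THRESHOLD else "alert"
        proposals.append({"pattern": pat, "support": sup,
                          "risk": risk, "action": action})
    return proposals


if __name__ == "__main__":
    for rule in propose_rules(SESSIONS, RULE_BASE):
        print(rule)
```

Run with the constructed data, the normal TCP handshake and the GET/FIN traffic are discovered but rejected as risk-free, the SYN burst is dropped because the existing rule already covers it, and only the two POST/500/RST patterns come out as candidate rules, one above the block threshold and one below. Swapping in real session token streams and a real signature set is the only change needed to try the same flow on live data; the maximality test by support count (rather than Teiresias's offset lists) is a deliberate simplification.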
