• Journal of the China Computer Federation
  • Chinese Science and Technology Core Journal
  • Chinese Core Journal

J4 ›› 2005, Vol. 27 ›› Issue (11): 6-8.

• Papers •

Design and Implementation of a High-Speed Network Security Monitoring System

周金泉[1,2] 郑挺[1] 胡华平[1]   

  • Publication date: 2005-11-01  Release date: 2010-06-24

Abstract:

With the development of computer networks, monitoring the security of high-speed networks is becoming increasingly important. Driven by practical requirements, this paper presents several important design ideas, and implements and tests a prototype high-speed network security monitoring system that captures packets at key points of a high-speed network and performs real-time detection, early warning and response to network attacks. The prototype effectively resolves some crucial problems that exist in current high-speed network security monitoring systems, and it has been applied successfully in practice.

Key words: attack detection; alert analysis; packet capturing; packet storage; security monitoring