Research on a Script-Based Open Model for Gigabit Intrusion Prevention
Received date: 2008-08-03
Revised date: 2008-11-06
Online published: 2010-01-18
Research on the MegaBits Network Environment’s Open Model of Intrusion Prevention Systems Based on the Script
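This paper focuses on improving the detection speed and accuracy [2] of intrusion prevention systems [1]. Following the Common Intrusion Detection Framework (CIDF) [3] specification, the structural requirements of a network-based intrusion detection system (NIPS), and the idea of layered structural design, the system is divided from the bottom up into four parts: the data capture module, the event generation engine, the policy script interpreter, and the intrusion prevention module. Finally, using script descriptions, an open model of an intrusion prevention cluster in a gigabit environment is implemented.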
LIANG Bo, DENG Hui, WANG Feng. Research on a Script-Based Open Model for Gigabit Intrusion Prevention [J]. Computer Engineering & Science, 2010, 32(1): 32-34. DOI: 10.3969/j.issn.1007130X.2010.
Based on the Common Intrusion Detection Framework (CIDF) and the Network-Based Intrusion Prevention System (NIPS) standards, we present an intrusion prevention system called Gigabits IPS (GIPS), which is designed to improve prevention speed and accuracy and to ensure high-speed network monitoring. The GIPS consists of the data capture module, the event generation engine, the policy script interpreter, and the intrusion prevention module. Using the script description, we implement a megabits network environment's cluster open model of intrusion prevention systems.