提高入侵检测系统检测效率的新方法
New Approaches for Improving Detection Efficiency of Intrusion Detection Systems
-
摘要: 针对网络带宽的增加对入侵检测系统(IDS)提出的性能要求,提出2种提高IDS检测效率的方法,即按 照不同的控制策略使用IDS流量控制器进行IDS负载均衡和按照检测代价对攻击进行层次划分使IDS执行不 同的攻击检测。使用这些方法不仅能对IDS进行负载均衡,提高IDS整体检测效率,也可以使不同的IDS互为 冗余,提高入侵检测系统自身的抗攻击能力。Abstract: The growth of network bandwidth requires that intrusion detection systems (IDSs) have higher performances than ever. In this paper, two efficiency detecting approaches of IDSs are presented. One is to use an IDS traffic controller managed by an appropriate traffic control strategy to perform payload balancing; the other is to use attack level classification according to detection cost to arrange the tasks of different IDS. By using the two methods, the IDS traffic payload is balanced, resulting the increased overall detection efficiency; in addition, different IDSs are complemented each other, therefore the anti-capability of IDSs can be enhanced.
-
Key words:
- detection /
- efficiency /
- intrusion detection system /
- traffic control /
- payload balance
点击查看大图
计量
- 文章访问数: 1432
- HTML全文浏览量: 72
- PDF下载量: 195
- 被引次数: 0