高速网络环境下的入侵检测技术研究综述倡.pdf

第 27 卷第 5 .5
2010 年 5 月 Vol No2010
Application Research puters May
高速网络环境下的入侵检测技术研究综述倡
史志才, 夏永祥
(上海工程技术大学电子电气工程学院, 上海 201620)
摘要: 高速网的普及应用对入侵检测技术提出了更高要求,传统的方法已难以适应处理大流量的网络数据。
对入侵检测过程进行分析,指出高速网络环境下制约入侵检测效果的不利因素和难点,强调应从数据包捕获、模
式匹配、负载均衡、系统架构等方面入手,充分利用软件的灵活性、专用硬件的并行性和快速性来提高入侵检测
系统的性能,以适应高速的网络环境。
关键词: 网络安全; 入侵检测; 高速网; 模式匹配
中图分类号: 393畅08 文献标志码: 文章编号: 1001唱3695(2010)05唱1606唱05
TP A
: /. .
doi j issn
唱
Survey on intrusion detection techniques for high works
唱, 唱
SHI Zhi cai XIA Yong xiang
( School of Electronic Electric Engineering, Shanghai University of Engineering Science, Shanghai 201620, China)
&
Abstract: 唱唱
The wide. application of high works requires that intrusion detection systems. should have better perfor唱
mances than before The traditional. methods could not process work traffic effectively This paper analyzed the proce唱
dures of intrusion detection唱 It pointed out. the harmful factors and difficulties, which degraded, the performance of intrusion de
tection systems for high. works Stressed that packet capture pattern matching load balance and system frame should
be thought together The flexibility of software and the quickness and parallelism of specific. hardware made full use to enhance
Keythe performance words: of intrusion detection; systems so that; they唱 could suit high; ne