| 基于邮政综合网的Snort规则库的优化设计 |
| |
| 引用本文: | 张宏宇,蒋文保,刘宝旭.基于邮政综合网的Snort规则库的优化设计[J].信息安全与通信保密,2009(3):93-95. |
| |
| 作者姓名: | 张宏宇 蒋文保 刘宝旭 |
| |
| 作者单位: | 1. 中国科学院研究生院,北京,100049
2. 北京信息科技大学,北京,100101 |
| |
| 基金项目: | 北京市自然科学基金,海南省自然科学基金 |
| |
| 摘 要: | 为了保护邮政综合网的网络安全,在该环境下部署Snort入侵检测系统,该技术可以保护邮政业务应用系统、邮政生产的正常运行。论文在此基础上,研究了如何对入侵检测系统的性能进行优化,文中从系统的核心部件规则库人手,依据细化的原则,应用协议分析技术,提出规则库的优化方案,并通过实验证明该优化方案可显著提高Snort入侵检测系统的性能。
|
| 关 键 词: | 邮政综合网 规则库 协议分析 |
Optimal Design on Rule Base of Snort Based on Postal Comprehensive Network* |
| |
| ZHANG Hong-yu,JIANG Wen-bao,LIU Bao-xu.Optimal Design on Rule Base of Snort Based on Postal Comprehensive Network*[J].China Information Security,2009(3):93-95. |
| |
| Authors: | ZHANG Hong-yu JIANG Wen-bao LIU Bao-xu |
| |
| Institution: | ZHANG Hong-yu, JIANG Wen-bao, LIU Bao-xu (1.Graduate School, Chinese Academy of Sciences, Beijing 100049, China; 2.Beijing Information Science & Technology University, Beijing 100101, China; 3.Computering Center, Institute of High Energy Physics, CAS, Beijing 100049, China) |
| |
| Abstract: | In order to protect the network security of Postal Comprehensive Computer Network, snort intrusion detection system is deployed in this network. This system can protect post business application system in normal operation of the postal production. On this basis, this paper studies how to optimize the performance of IDS. Beginning with the rule base of the core parts of system and based on the fining principle the optimization scheme of rule base is designed by protocol analysis technology. The experiment results show that this method is useful and available, could improve the whole performance of IDS. |
| |
| Keywords: | postal comprehensive computer network rule base protocol analysis |
| 本文献已被 维普 万方数据 等数据库收录! |
|
