Institutional Repository of the Institute of Software, Chinese Academy of Sciences
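Title: Research and Practice on Attack Detection Techniques Targeting Intrusion Detection Systems in a Distributed Environment
Author: 黄菁 (Huang Jing)
Defense date: 2002
Major: Computer Application Technology
Degree-granting institution: Engineering Research Center for Information Security Technology, Institute of Software, Chinese Academy of Sciences
Place conferred: Engineering Research Center for Information Security Technology, Institute of Software, Chinese Academy of Sciences
Degree: Doctorate
Keywords: network intrusion detection system; denial-of-service attack; Message Passing Interface (MPI)
Abstract: Testing the security effectiveness and survivability of network intrusion detection systems is an important research topic in network security and intrusion detection. This thesis attempts to evaluate network intrusion detection systems from the attacker's point of view, hoping to provide a practical and effective approach to research and analysis; it is believed that this can offer a new line of thinking for research in network security and intrusion detection and for the improvement of related IDS products. The thesis comprehensively describes research on survivability testing and denial-of-service attack techniques against currently popular network intrusion detection systems in a distributed environment, together with the related experiments. It first briefly introduces the working principles of intrusion detection systems and the main technical indicators used in security evaluation, analyzes in detail the methods by which intrusion detection systems process packets, and proposes principles and methods of attack testing aimed at those methods. On this basis, several corresponding attack test schemes are designed, attack data is constructed, and multiple hosts are run cooperatively in a distributed environment to interfere with the normal operation of the network intrusion detection system and reduce its processing performance, thereby testing the system's processing capability and evaluating its immunity to denial-of-service attacks. Finally, the effect of the attack tests is analyzed on the basis of the experimental results.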
English abstract: The research and development of Network Intrusion Detection Systems (NIDS) is the highlight of current network security research. Some usable intrusion detection technologies and systems have appeared; however, most of the research still focuses on the performance and efficiency of NIDS, and not enough concern and research has been devoted to the robustness and security of NIDS itself. Aiming at recently popular NIDS, this paper makes an attempt in this field. Testing the security effectiveness and survivability of a NIDS is becoming an important topic in network security. Therefore, this paper attempts to evaluate NIDS from the point of view of attackers and hopes to provide a practical and effective way. This is a beneficial attempt and offers a new idea for research on network security and intrusion detection as well as for the improvement of the relevant products. In this paper, research and experiments on Denial of Service (DOS) attack technology and survivability testing against currently popular NIDS in a distributed environment are fully addressed. First, I give a brief introduction to the principles of IDS as well as its main technical parameters for evaluation. Then, on that basis, I design the attack scheme, construct the necessary raw data, and run it on multiple hosts in a distributed environment, which may disturb the normal data collection of NIDS and compromise its processing capability, thus testing the processing ability of NIDS and evaluating its immunity to DOS attack. Finally, I provide an analysis of the experiment's attack effect according to its results.
Language: Chinese
Content type: Dissertation
URI: http://ir.iscas.ac.cn/handle/311060/5818
Appears in Collections: Institute of Software, Chinese Academy of Sciences

Files in This Item:

There are no files associated with this item.


Recommended Citation:
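黄菁 (Huang Jing). Research and Practice on Attack Detection Techniques Targeting Intrusion Detection Systems in a Distributed Environment [D]. Engineering Research Center for Information Security Technology, Institute of Software, Chinese Academy of Sciences. Engineering Research Center for Information Security Technology, Institute of Software, Chinese Academy of Sciences. 2002-01-01.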
Items in IR are protected by copyright, with all rights reserved, unless otherwise indicated.
