Institutional Repository
| Research and Practice of Attack Detection Techniques Targeting Intrusion Detection Systems in a Distributed Environment | |
| 黄菁 | |
| Major | Computer Application Technology |
| 2002 | |
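| Degree Grantor | Engineering Research Center for Information Security Technology, Institute of Software, Chinese Academy of Sciences |
| Degree Level | Doctoral |
| Place of Degree Grantor | Engineering Research Center for Information Security Technology, Institute of Software, Chinese Academy of Sciences |
| Keyword | network intrusion detection system; denial-of-service attack; Message Passing Interface (MPI) |
| English Abstract | Testing the security effectiveness and the survivability and robustness of network intrusion detection systems is an important research topic in network security and intrusion detection. This thesis attempts to evaluate network intrusion detection systems from the attacker's point of view, hoping to provide a practical and effective approach to research and analysis, and it is believed that this can offer a new line of thinking for research on network security and intrusion detection and for the improvement and refinement of related IDS products. The thesis gives a comprehensive account of research on survivability and robustness testing and on denial-of-service attack techniques against currently popular network intrusion detection systems in a distributed environment, together with the related experiments. It first briefly introduces the working principles of intrusion detection systems and the main technical metrics for security evaluation, analyzes in detail the methods that intrusion detection systems use to process packets, and proposes principles and methods of attack testing aimed at those methods. On that basis, several corresponding attack test schemes are designed and attack data is constructed, and multiple hosts are run cooperatively in a distributed environment to interfere with the normal operation of the network intrusion detection system and degrade its processing performance, thereby testing the system's processing capacity and evaluating its immunity to denial-of-service attacks. Finally, the effect of the attack tests is analyzed on the basis of the experimental results. |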
| Abstract | The research and development of Network Intrusion Detection Systems (NIDS) is the highlight of current network security research. Some usable intrusion detection technologies and systems have appeared; however, most of the research still focuses on the performance and efficiency of NIDS, and not enough concern and research has been put into the robustness and security of NIDS itself. Aiming at recently popular NIDS, this paper makes an attempt in this field. Testing the security efficiency and survivability of a NIDS is becoming an important project of network security. Therefore, this paper attempts to evaluate NIDS from the point of view of attackers and hopes to provide a practical and effective way. This is a beneficial attempt and offers a new idea for research on network security and intrusion detection as well as for improvement of the relevant products. In this paper, research and experiments on Denial of Service (DOS) attack technology and survivability testing against currently popular NIDS in a distributed environment are fully addressed. First I give a brief introduction to the principles of IDS as well as its main technical parameters for evaluation. Then, on the basis of that, I design the attack scheme, construct the necessary raw data and run it on multiple hosts in a distributed environment, which may disturb the normal data collection of NIDS and compromise its processing capability, thus testing the processing ability of NIDS and evaluating its immunity to DOS attack. Finally, I provide an analysis of the experiment's attack effect according to its results. |
| Pages | 52 |
| Language | Chinese |
| Content Type | Thesis |
| URI | http://ir.iscas.ac.cn/handle/311060/5818 |
| Collection | Institute of Software, CAS_Institute of Software, CAS |
| Recommended Citation GB/T 7714 | 黄菁. 分布式环境下针对入侵检测系统攻击检测技术研究与实践[D]. 中国科学院软件研究所信息安全技术工程研究中心. 中国科学院软件研究所信息安全技术工程研究中心,2002. |
| Files in This Item: | There are no files associated with this item. |
Items in the repository are protected by copyright, with all rights reserved, unless otherwise indicated.