Algorithm Optimization of Network Detection System Based on APT Attack
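Cite this article: Cai Jingjing1, Zheng Xuezhi2. Algorithm Optimization of Network Detection System Based on APT Attack[J]. Computing Technology and Automation, 2019,(3):147-150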
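Author affiliations
Cai Jingjing1, Zheng Xuezhi2 (1. Wuhan Research Institute of Posts and Telecommunications, Wuhan, Hubei 430074; 2. Wuhan FiberHome Communication Technology Co., Ltd., Wuhan, Hubei 430074)
Chinese abstract: With Snort as the core and a hierarchical distributed network as the framework, this paper builds a defense system with an intrusion detection module for APT attacks, and proposes a new OTN dynamic matching algorithm. First, the characteristics of APT attacks are introduced. Then a Snort-based defense and detection model for APT attacks is proposed, and, building on Snort's original three-step dynamic adjustment algorithm, a new dynamic matching algorithm is put forward. Finally, the original dynamic matching algorithm and the improved dynamic matching algorithm are compared experimentally, and the final results are analyzed. The conclusion is that a distributed network detection system using the new dynamic matching algorithm clearly improves network security protection.
Chinese keywords: intrusion detection  Snort  APT  matching algorithm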
 
Algorithm Optimization of Network Detection System Based on APT Attack
Abstract: This paper takes Snort as the core and a hierarchical distributed network as the framework to build a defense system with an intrusion detection module for APT attacks, and proposes a new OTN dynamic matching algorithm. First, the characteristics of APT attacks are introduced. Then a Snort-based defense and detection model for APT attacks is proposed and, building on Snort's original three-step dynamic adjustment algorithm, a new dynamic matching algorithm is put forward. Finally, the original dynamic matching algorithm and the new dynamic matching algorithm are compared experimentally, and the final results are analyzed. The conclusion is that the distributed network detection model using the new dynamic matching algorithm can better meet the needs of network security protection.
Keywords: intrusion detection  Snort  APT  matching algorithm