Abstract
An intrusion prevention system (IPS) is defined as any hardware or software system capable of detecting attacks, both known and unknown, and preventing those attacks from succeeding. The definition and properties of IPS are discussed first, then the advantages and disadvantages of four current IPS implementation models are analyzed: the in-line model, the layer-seven switch model, the layer-seven firewall model and the hybrid model. To resolve the dilemma these models face in improving network performance and intrusion-detection precision simultaneously, an embedded IPS implementation based on a gigabit network data control card called WindForce is presented.
Source
Computer Engineering and Design (《计算机工程与设计》)
CSCD
Peking University Core Journals (北大核心)
2007, Issue 24, pp. 5844-5846, 5866 (4 pages in total)
Funding
National Key Science and Technology Program of the Tenth Five-Year Plan (2001BA101A08)
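About the authors
Wu Haiyan (吴海燕, 1974-), female, from Daqing, Heilongjiang; Ph.D., senior engineer; research interests: computer network security and educational informatization. E-mail: wuhy@cic.tslnghua.edu.cn
Jiang Dongxing (蒋东兴, 1970-), male, associate researcher; research interests: educational informatization and computer network security.
Cheng Zhirui (程志锐, 1975-), male, engineer; research interests: educational informatization and computer network security.
Gao Guozhu (高国柱, 1975-), male, engineer; research interests: educational informatization and computer network security.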