【摘要】 模式匹配技术是入侵检测系统中常用的分析方法,随着网络技术的高速发展,仅仅使用这种检测方法存在一些弊端。本文揭示了模式匹配技术的弱点,分析了一种新的、有效的检测方法,即协议分析技术。同时举例说明了协议分析技术的特点,指出发展基于状态的协议分析技术的入侵检测系统具有更大的优势。更多还原

【Abstract】 Pattern matching algorithms are commonly used in intrusion detection system,with the network technology high-speed developing,but pattern matching alone is not enough.In this paper,the vulnerability of pattern matching is analyzed,and an effective detection method which is called protocol analysis is proposed.An example is given to illuminate the characteristic of protocol analysis,and the paper points out that stateful protocol analysis is one of the most advantaged areas of network intrusion detection system.更多还原