论文部分内容阅读
安全局域网是一种新型局域网安全方案,其主要特点在于阻止局域网内部泄密行为,增强局域网安全性能。但现有的安全局域网并不具备防御恶意攻击的能力。为加强安全局域网的防攻击能力,该文提出了一种在安全局域网的环境下基于主机的入侵防御系统的设计框架并进行了初步实现。该入侵防御系统能够监视局域网内各个主机的行为,并在事先建立的安全行为规则的基础上,实时判断并阻止局域网中的非法操作,进而防御局域网内的已知和未知入侵行为,保障局域网内的信息安全。
Security LAN is a new LAN security scheme, its main feature is to prevent LAN internal leaks and enhance LAN security. However, existing secure LANs do not have the ability to defend against malicious attacks. In order to strengthen the anti-attack ability of the security LAN, this paper presents a design framework of the host-based intrusion prevention system under the security LAN environment and carries out the initial implementation. The intrusion prevention system can monitor the behavior of each host in the LAN and judge and stop the illegal operation in the LAN in real time based on the pre-established rules of the security behavior so as to defend against the known and unknown intrusion in the LAN and guarantee the intra-LAN Information Security.