|
|
Intrusion Detection in SSH |
Ding Xiaofeng1 Li Zhouxian2 Liu Binghua1 Gu Wei1 Wu Nanning1 |
1 (Beijing Document Service, Beijing 100036, China)
2 (Management Section of Guard Bureau, General Staff, Beijing 100017, China) |
|
|
Abstract Widespread using the SSH protocol can greatly reduces the risk of remote computer access by encrypting the transmission of data. At the same time, because of the encrypted data, intrusion detection system based clear data can’t identify the encrypted attack information. This paper outlines the role of SSH and types of intrusion detection, then proposes techniques for an intrusion detection under SSH protocol.
|
Received: 24 September 2005
Published: 25 April 2006
|
|
Corresponding Authors:
Ding Xiaofeng
E-mail: ding-xiaofeng@sohu.com
|
About author:: Ding Xiaofeng,Li Zhouxian,Liu Binghua,Gu Wei,Wu Nanning |
1Alexis.Cort. Algorithmbased approaches to intrusion detection and response http://www.sans.org/rr/ whitepapers/detection/1413.php(Accessed Mar.8,2004)
2张杰,戴英侠.SSH协议的发展与应用研究. 计算机工程, 2002,28(10):13-15
3John McHugh,Alan Christie,Julia Allen.Defending Yourself:The Role of Intrusion Detection Systems IEEE SOFTWARE .2000.10
4唐正军.网络入侵检测系统的设计与实现.北京:电子工业出版社, 2002
5张岩,赵霁.基于SSH的网络安全解决方案现代电子技术,2004,27(1):104-106 |
|
Viewed |
|
|
|
Full text
|
|
|
|
|
Abstract
|
|
|
|
|
Cited |
|
|
|
|
|
Shared |
|
|
|
|
|
Discussed |
|
|
|
|