在SSH协议下的入侵检测
丁晓峰1 李周贤2 刘炳华1 顾巍1 吴楠宁1
1 (北京文献服务处 北京 100036)
2 (总参警卫局管理处 北京 100017)
Intrusion Detection in SSH
Ding Xiaofeng1 Li Zhouxian2 Liu Binghua1 Gu Wei1 Wu Nanning1
1 (Beijing Document Service, Beijing 100036, China)
2 (Management Section of Guard Bureau, General Staff, Beijing 100017, China)
摘要 阐述SSH协议下入侵检测系统存在的问题,论述SSH协议下入侵检测的必要性和需要注意的两个问题,提出一种新的入侵检测方法。
关键词 :
SSH协议 ,
入侵检测系统 ,
特征检测 ,
异常检测 ,
IDXP协议
Abstract :Widespread using the SSH protocol can greatly reduces the risk of remote computer access by encrypting the transmission of data. At the same time, because of the encrypted data, intrusion detection system based clear data can’t identify the encrypted attack information. This paper outlines the role of SSH and types of intrusion detection, then proposes techniques for an intrusion detection under SSH protocol.
Key words :
SSH
IDS
Signature-based detection
Anomaly-based detection
IDXP
收稿日期: 2005-09-24
出版日期: 2006-04-25
通讯作者:
丁晓峰
E-mail: ding-xiaofeng@sohu.com
作者简介 : 丁晓峰,李周贤,刘炳华,顾巍,吴楠宁
引用本文:
丁晓峰,李周贤,刘炳华,顾巍,吴楠宁 . 在SSH协议下的入侵检测[J]. 现代图书情报技术, 2006, 1(4): 60-62.
Ding Xiaofeng,Li Zhouxian,Liu Binghua,Gu Wei,Wu Nanning . Intrusion Detection in SSH. New Technology of Library and Information Service, 2006, 1(4): 60-62.
链接本文:
https://manu44.magtech.com.cn/Jwk_infotech_wk3/CN/10.11925/infotech.1003-3513.2006.04.15
或
https://manu44.magtech.com.cn/Jwk_infotech_wk3/CN/Y2006/V1/I4/60
1Alexis.Cort. Algorithmbased approaches to intrusion detection and response http://www.sans.org/rr/ whitepapers/detection/1413.php (Accessed Mar.8,2004)
2张杰,戴英侠.SSH协议的发展与应用研究. 计算机工程, 2002,28(10):13-15
3John McHugh,Alan Christie,Julia Allen.Defending Yourself:The Role of Intrusion Detection Systems IEEE SOFTWARE .2000.10
4唐正军.网络入侵检测系统的设计与实现.北京:电子工业出版社, 2002
5张岩,赵霁.基于SSH的网络安全解决方案现代电子技术,2004,27(1):104-106
Viewed
Full text
Abstract
Cited
Shared
Discussed