Abstract:
This paper proposes a network border security monitor method based on Public Key Infrastructure(PKI) according to the requirement and characteristic of network border security protection. The technique combines identity authentication mechanism based on PKI, intrusion detection technology and VPN technology. It can accurately locate the origin of intrusion and prevent attacks soon after real-time detection of intrusion behaviors via association analysis of network traffic and system log. As a result, it has higher accuracy and usability than general signature detection and abnormal detection technique.
Key words:
network border,
security monitor\ intrusion detection,
Public Key Infrastructure(PKI)
摘要: 针对网络边界安全防御的需求和特点,提出一种基于PKI技术的网络边界安全监控方法。该方法结合基于PKI的身份认证机制、入侵检测技术与VPN技术,通过对网络流量和系统日志的关联分析,能够在实时发现入侵行为的同时,准确定位入侵来源并实时阻断攻击,相比通用的特征检测和异常检测方法具有更强的准确性和可用性。
关键词:
网络边界,
安全监控,
入侵检测,
公钥基础设施
CLC Number:
JU Xiang, LIU Gao, WANG Fu. Network Border Security Monitor Method Based on PKI[J]. Computer Engineering, 2010, 36(13): 140-142.
邹翔, 刘浩, 王福. 基于PKI的网络边界安全监控方法[J]. 计算机工程, 2010, 36(13): 140-142.