计算机专业英语论文(关于网络安全-入侵检测)_英文版

Abstract—With the development of computer network

technology,the risk of network intrusion also has greatly increased.But the traditional Encryption and firewall technology can’t meet the security need today. So the intrusion detection technology is being developed quickly in recent years,which is a new dynamic security mechanism in a set of detecting, preventing the behavior of system intrusion.Unlike the traditional security mechanism,intrusion detection has many features such as intelligent surveillance,real-time detection,dynamic response and so on.And in a sense,intrusion detection technology is a reasonable supplement of firewall technology.

Index Terms—network security,intrusion detection

I.THE N ECESSITY OF I NTRUSION D ETECTION

With the development of computer network technology,the destructive effects and losses of network attacks also have greatly increased.

The network security is becoming more and more complicated,the traditional and passive Encryption and firewall technology can’t against the diverse and complex attacks. Recently,intrusion is very easy to many computer competent,and there are many intrusion courses and tools.

So it’s of great significance and necessity to develop the Intrusion Detection System.

II.T HE DEVELOPMENT OF I NTRUSION D ETECTION S YSTEM In 1980,James P.Anderson wrote a book named “Computer Security Threat Monitoring and Surveillance”,which explained the concept of Intrusion Detection in detail ,the threat classifications of computer system and the idea of monitoring intrusion activities using auditing tracking data.

From 1984 to 1986,Dorothy Denning and Peter Neumann worked out a real-time Intrusion Detection System model--IDES.

In 1990,L.Heberiein and some other people developed NSM(Network Security Monitor),which made a great development of IDS and has formed IDS based on network and IDS based on host computer.

After 1988,America began to study DIDS(Distributed Intrusion Detection System),which became a milestone-product of the history of IDS.

From 1990s to now,the research and development of Intrusion Detection System has made great process in intelligence and distribution.

III.DEFINITION AND WORK-FLOW

A.Definition

Intrusion Detection is the discovery of intrusion behaviors.It collects and analyses the data from some key points in computer networks or computer systems,and checks up whether there exists behaviors violating security policies or attacking signs in networks or systems.Then,it can sound the alarm or make corresponding response in time to ensure the confidentiality and availability of system resource.

B.Work-flow

1)Information Gathering

The first step of intrusion detection is information gathering.And the information include the contents of network traffic,the states and behaviors of the the connection of users and activities.

2)Signal Analysis

For the information gathered above,there are three technologies to analyze them:pattern matching,statistical analysis and integrity analysis.

3)Real-time Recording,Alarming and Limited Counterattack The fundamental goal of IDS is to make corresponding response to the intrusion behaviors,which includes detailed logging,real-time alarm and limited counterattack resource.

IV.G ENERIC M ODEL AND F RAMEWORK

A.The Generic Model

In 1987,Denning proposed a abstract generic model of intrusion detection. In figure 1 below,the model mainly consists of six parts:subjects, objects, audit records,activity profiles,exception records and activity rules.

Intrusion Detection in Network Security

Zhang San 201221xxxx

Master of Computing, xxx xx xx University,Wuhan,China

**************