英语翻译In a network-based intrusion-detection system (NIDS),the sensors are located at choke points in the network to be monitored,often in the demilitarized zone (DMZ) or at network borders.The sensor captures all network traffic and analyzes t
来源:学生作业帮助网 编辑:作业帮 时间:2024/11/05 18:42:07
英语翻译In a network-based intrusion-detection system (NIDS),the sensors are located at choke points in the network to be monitored,often in the demilitarized zone (DMZ) or at network borders.The sensor captures all network traffic and analyzes t
英语翻译
In a network-based intrusion-detection system (NIDS),the sensors are located at choke points in the network to be monitored,often in the demilitarized zone (DMZ) or at network borders.The sensor captures all network traffic and analyzes the content of individual packets for malicious traffic.In systems,PIDS and APIDS are used to monitor the transport and protocols illegal or inappropriate traffic or constructs of language (say SQL).In a host-based system,the sensor usually consists of a software agent,which monitors all activity of the host on which it is installed.Hybrids of these two systems also exist.
A network intrusion detection system is an independent platform which identifies intrusions by examining network traffic and monitors multiple hosts.Network Intrusion Detection Systems gain access to network traffic by connecting to a hub,network switch configured for port mirroring,or network tap.An example of a NIDS is Snort.
A protocol-based intrusion detection system consists of a system or agent that would typically sit at the front end of a server,monitoring and analyzing the communication protocol between a connected device (a user/PC or system).For a web server this would typically monitor the HTTPS protocol stream and understand the HTTP protocol relative to the web server/system it is trying to protect.Where HTTPS is in use then this system would need to reside in the "shim" or interface between where HTTPS is un-encrypted and immediately prior to it entering the Web presentation layer.
An application protocol-based intrusion detection system consists of a system or agent that would typically sit within a group of servers,monitoring and analyzing the communication on application specific protocols.For example; in a web server with database this would monitor the SQL protocol specific to the middleware/business-login as it transacts with the database.
A host-based intrusion detection system consists of an agent on a host which identifies intrusions by analyzing system calls,application logs,file-system modifications (binaries,password files,capability/acl databases) and other host activities and state.An example of a HIDS is OSSEC.
A hybrid intrusion detection system combines two or more approaches.Host agent data is combined with network information to form a comprehensive view of the network.An example of a Hybrid IDS is Prelude.
英语翻译In a network-based intrusion-detection system (NIDS),the sensors are located at choke points in the network to be monitored,often in the demilitarized zone (DMZ) or at network borders.The sensor captures all network traffic and analyzes t
在一个基于网络的入侵检测系统(网络入侵检测系统) ,传感器,分别位于窒息点在网络中加以监测,往往是在非军事区( DMZ )或在网络的边界.传感器捕捉的所有网路流量分析的内容,个别的数据包的恶意流量.在系统,pids和apids是用来监测运输和议定书的非法或不适当的交通或建构的语言(说的SQL ) .在一个基于主机系统,传感器通常一个软件Agent ,监测所有的活动,该主机的安装它.杂交种的这两个系统也存在.
1网络入侵检测系统是一个独立的平台,其中确定了入侵研究的网络流量和监测多个主机.网络入侵检测系统获得的网络流量通过连接到集线器,网络交换机配置为港口镜像,或网络的自来水.一个例子,一个是网络入侵检测系统Snort的.
1基于协议的入侵检测系统包括一个系统或代理人,通常坐于前端服务器,监测和分析通信协议之间的连接的装置(用户/ PC或系统) .为Web服务器,这通常是监察HTTPS协议流和理解HTTP协议的相对到Web伺服器/系统,这是试图保护.凡通过https是在使用这个系统,然后将需要居住在“沉”或之间的接口的地方是联合国通过https加密,并立即之前,它进入Web演示文稿层.
1应用协议为基础的入侵检测系统包括一个系统或代理人通常会坐在一组服务器,监测和分析通信应用的具体协议.例如,在Web伺服器与资料库,这将监测的SQL议定书具体到中间件/商业登录交易,因为它与数据库.
1基于主机的入侵检测系统的一剂对东道国确定入侵通过分析系统调用,应用程序日志,文件系统修改(二进制文件,密码文件,能力/数据库的ACL )和其他东道国的活动和状态.一个例子,一个hids是ossec .
混合的入侵检测系统相结合的两个或两个以上的办法.主机代理的数据相结合的网络信息,形成一个全面的看法网络.一个例子,一种混合入侵检测系统是前奏.