基于虚拟机技术的入侵检测系统攻击仿真平台的研究和实现
The Research and Implementation of Attack Simulation Platform for Testing Intrusion Detection System Based on Virtual Machine Technology
-
摘要: 攻击仿真平台是入侵检测系统(Intrusion Detectoin System,IDS)测试平台的核心组成部分。该文从攻击测试的角度,提出了一种基于虚拟机技术的IDS攻击仿真平台。首先介绍攻击仿真的测试目标和内容,并提出了攻击仿真系统和仿真平台的设计和实现的详细方案;同时,在此基础上,对该平台的设计和实现的3个关键技术:测试数据的选择、攻击技术的分类研究、攻击测试域及其划分等进行了进一步的分析,最后给出并分析了实验测试结果。
-
关键词:
- 入侵检测系统;仿真平台;虚拟机;攻击测试
Abstract: Attack simulation plays a key role in testing Intrusion Detection System(IDS). Prom the viewpoint of attack testing, an attack simulation platform is put forward for testing IDS based on virtual machine technology. First of all, the testing aims and contents of attack simulation are proposed. Then, the design and implementation of the attack simulation platform are presented in detail. Under the platform, that the authors build, three key issues in realization of the platform :the choice of testing datum, the classification of attack technology, and the attack testing zones and their compartmentalization are discussed in detail. Finally, the test results are given. -
Puketza N, et al.. A software platform for testing intrusion detection system. IEEE Software Magazine, 1997, 14(5): 43-51.[2]蔡忠闽,等.入侵检测系统评估环境的设计与实现.系统仿真学报,2002,14(3):377-380.[3]Eric Cole著,苏雷,等译.黑客-攻击透析与防范.北京:电子工业出版社,2002:152-165.[4]Miller I. Protection Against a Variant of the Tiny Fragment Attack, RFC3128 Singularis Ltd.2001.[5]张铭来,等.网络型入侵检测系统存在的漏洞及其对策研究.计算机工程,2002,28(1):172-174.[6]Nash D A, Ragsdale D J. Simulation of self-similarity in network utilization patterns as a precursor to automated testing of intrusion detection systems. IEEE Trans. on Systems, Man and Cybernetics: Part A, 2001, SMC-A-31(4): 327-331.[7]Erbacher R F, Walker K L, Frincke D A. Intrusion and misuse detection in large-scale systems. IEEE Computer Graphics and Applications, 2002, 22(1): 38-47.[8]James Stanger,Patrick T Lane著,钟日红,等译.Linux黑客防范开放源代码安全指南.北京:机械工业出版社,2002:176-190.
计量
- 文章访问数: 2544
- HTML全文浏览量: 133
- PDF下载量: 1165
- 被引次数: 0