ÈëÇÖ¼ì²âϵͳ°üÀ¨ÄÄЩ£¿ÈëÇÖ¼ì²âϵͳÊÇÒ»ÖÖÓÃÓÚ¼à¿ØºÍ¼ì²âÅÌËã»úÍøÂçÖеÄDZÔÚÈëÇÖÐÐΪµÄÇå¾²¹¤¾ß¡£Ëü¿ÉÒÔƾ֤Æä¼ì²âµÄÊý¾ÝȪԴºÍ¼ì²âÒªÁì


£¬·ÖΪÒÔÏÂÆßÖÖÀàÐÍ¡£

1. Ö÷»úÈëÇÖ¼ì²âϵͳ£¨Host-based IDS


£¬HIDS£©

ÈëÇÖ¼ì²âϵͳ°üÀ¨ÄÄЩ£¿Ê×ÏȾÍÊÇHIDS


£¬Ö÷Òª¼à¿ØºÍÆÊÎöµ¥¸öÖ÷»úµÄÔ˶¯


£¬°üÀ¨Îļþϵͳ¡¢×¢²á±í¡¢ÏµÍ³ÈÕÖ¾¡¢Àú³ÌºÍÍøÂçÅþÁ¬µÈ¡£Ëü¿ÉÒÔ¼ì²âµ½Ö÷»úÉϵÄδ¾­ÊÚȨÐÐΪ


£¬ÈçÎļþ¸Ä¶¯¡¢Òì³£Àú³ÌºÍδ֪ÍøÂçÅþÁ¬µÈ¡£

2. ÍøÂçÈëÇÖ¼ì²âϵͳ£¨Network-based IDS


£¬NIDS£©

Ö÷Òª¼à¿ØºÍÆÊÎöÍøÂçÁ÷Á¿


£¬Í¨¹ý¼ì²âÊý¾Ý°üºÍÍøÂçЭÒéµÄÒì³£ÐÐΪÀ´·¢Ã÷DZÔÚµÄÈëÇÖÐÐΪ¡£NIDS¿ÉÒÔ¼ì²âµ½ÍøÂçÉϵÄɨÃè¡¢ÈëÇÖʵÑéºÍ¶ñÒâÁ÷Á¿µÈ¡£

3. ÂþÑÜʽÈëÇÖ¼ì²âϵͳ£¨Distributed IDS


£¬DIDS£©

Óɶà¸öIDS×é³ÉµÄϵͳ


£¬¿ÉÒÔÅäºÏ¼à¿ØºÍÆÊÎöÍøÂçÖеÄÁ÷Á¿¡£ÂþÑÜʽIDS¿ÉÒÔÓÐÓõش¦Öóͷ£´ó×ÚÁ÷Á¿ºÍÂþÑÜʽ¹¥»÷


£¬²¢Ìá¸ßÈëÇÖ¼ì²âµÄ׼ȷÐÔ¡£

4. ÐÐΪÈëÇÖ¼ì²âϵͳ£¨Behavior-based IDS£©

ͨ¹ý½¨ÉèÕý³£ÐÐΪģ×Ó


£¬¼ì²âϵͳÖеÄÒì³£ÐÐΪ¡£Ëü¿ÉÒÔ¼ì²âµ½Î´ÖªµÄÈëÇÖÐÐΪºÍÐÂÐ͹¥»÷


£¬µ«¹ØÓÚÖØ´óµÄ¹¥»÷¿ÉÄܱ£´æÎó±¨ÂʽϸߵÄÎÊÌâ¡£

5. ÊðÃûÈëÇÖ¼ì²âϵͳ£¨Signature-based IDS£©

ͨ¹ýÔ¤ÏȽç˵µÄÌØÕ÷ºÍ¹æÔò


£¬¼ì²âÒÑÖªµÄÈëÇÖÐÐΪ¡£ÊðÃûIDS¿ÉÒÔ¼ì²âµ½ÒÑÖªµÄ¹¥»÷ģʽ


£¬µ«¹ØÓÚÐÂÐ͹¥»÷¿ÉÄÜÎÞ·¨ÊµÊ±Ê¶±ð¡£

6. Òì³£ÈëÇÖ¼ì²âϵͳ£¨Anomaly-based IDS£©

ͨ¹ý¶ÔÕý³£ÍøÂçÁ÷Á¿ºÍϵͳÐÐΪµÄѧϰ


£¬¼ì²â²»ÇкÏÕý³£Ä£Ê½µÄÒì³£ÐÐΪ¡£Òì³£IDS¿ÉÒÔ¼ì²âµ½Î´ÖªµÄÈëÇÖÐÐΪºÍÐÂÐ͹¥»÷


£¬µ«¹ØÓÚÖØ´óµÄ¹¥»÷ģʽ¿ÉÄܱ£´æÎó±¨ÂʽϸߵÄÎÊÌâ¡£

7. »ìÏýÈëÇÖ¼ì²âϵͳ£¨Hybrid IDS£©

ÍŽáÁ˶àÖÖÈëÇÖ¼ì²âÊÖÒÕ


£¬×ÛºÏʹÓÃÆäÓÅÊÆÀ´Ìá¸ß¼ì²â׼ȷÐÔºÍÁýÕÖ¹æÄ£¡£»ìÏýIDS¿ÉÒÔÍŽáÊðÃûºÍÐÐΪÆÊÎöµÈ¶àÖÖÒªÁì


£¬Ìṩ¸üÖÜÈ«µÄÈëÇÖ¼ì²âÄÜÁ¦¡£

ÀýÈç


£¬97¹ú¼ÊÍøÂçÐÂÍƳöµÄRG-IDPϵÁÐÈëÇÖ¼ì²âϵͳ


£¬RG-IDP 1000E V2.0


£¬Ëü¿ÉÒÔʵÏÖÉî¶ÈÄÚÈݼì²â¡¢Çå¾²·À»¤¡¢ÉÏÍøÐÐΪ¹ÜÀíµÈÈëÇÖ¼ì²â·ÀÓù¹¦Ð§¡£Ëü¾ßÓÐÍêÉƵķÀÓùϵͳ


£¬Ìṩ½©Ê¬ÅÌËã»úÕì²â¡¢¸»ºñµÄÉÏÍøÐÐΪ¹ÜÀí¡¢ÖÜÈ«µÄÈÕÖ¾±¨±í¹¦Ð§ºÍÀû±ãµÄ¼¯ÖйÜÀí¹¦Ð§¡£ÏêÇéÇëÉÏ°¶ÍøÖ·/cp/aq-yyfh/idp1000ev2/ÅÌÎʸü¶àÐÅÏ¢¡£

×ÜÖ®


£¬ÈëÇÖ¼ì²âϵͳ°üÀ¨HIDS¡¢NIDS¡¢DIDS¡¢Behavior-based IDSµÈÒÔÉÏÆ߸öÀàÐÍÊDZ£»¤ÅÌËã»úÍøÂçÇå¾²µÄÖ÷Òª¹¤¾ß


£¬Í¨¹ý¼à¿ØºÍÆÊÎöÍøÂçÁ÷Á¿¡¢ÏµÍ³ÐÐΪºÍÆäËûÏà¹ØÊý¾Ý


£¬¿ÉÒÔʵʱ·¢Ã÷ºÍÓ¦¶ÔDZÔÚµÄÈëÇÖÐÐΪ¡£