面向协同防范的非侵入式ARC模型

    Non-intrusive ARC Model to Coordination Prevention

    • 摘要: 针对分布式环境下系统的安全性问题,引入了一个基于ARC模型的非嵌入式结构,ARC模型是由actor、role和coordinator组合而成.其中,actor用来模拟计算实体,role和coordinator用来执行控制功能.模型将攻击行为的特征以约束的方式配置到coordinator、role,同时融合了入侵检测中常用的特征检测和异常检测方法.它基于message、event通讯机制,实现了对攻击行为的监测、阻击、识别、处理,提高了系统的防范攻击和生存能力.

       

      Abstract: A non-embedded structures based on the ARC model,which is a combination of actor,role and coordinator,is introduced to the security system in the distributed environment.Actor is used to simulate the computing entity while role and coordinator are used to perform control functions.The characteristics of the attacks are configured to coordinator and role in a way of constraint by the model,combining feature detection and anomaly detection method usually used in the intrusion detection at the same time.Based on the message and event communications,this model can achieve monitoring,blocking,identification and treatment to the aggressive behavior,and improve the ability in preventing attacks and survival of the system.

       

    /

    返回文章
    返回