检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
作 者:杨忠明[1] 梁本来[2] 秦勇[3] 蔡昭权[4]
机构地区:[1]广东科学技术职业学院计算机工程技术学院,广东珠海519090 [2]中山职业技术学院信息工程学院,广东中山528404 [3]东莞理工大学计算机学院,广东东莞523808 [4]惠州学院教育技术中心,广东惠州516007
出 处:《计算机应用》2017年第3期717-721,共5页journal of Computer Applications
基 金:国家自然科学基金资助项目(61170193);广东省工业高新技术领域科技计划项目(2013B010401036);广东省高等学校优秀青年教师培养计划项目(YQ2014187);广东省自然科学基金资助项目(S2013010013432);广东省教育厅科技创新项目(2013KJCX0178)~~
摘 要:为解决多引擎入侵检测系统的负载均衡问题,提出一种检测引擎的动态负载调节算法。首先,监测各引擎节点计算负载;然后,以过载或空载节点出现为调度时机,以会话为单位调度重负载节点的流量到低负载节点,并遍历节点进行负载均衡的调节。由于以会话为调度单位,算法并不以负载的绝对平均为目的,只需保障各引擎节点不出现过载或空载即达到基本目标。采用KDD cup99数据集进行模拟实验,实验结果表明,与平均分配流量算法和基于较大流调整的安全分流算法相比,所提算法对检测引擎基于会话的负载均衡效果显著,运行开销较低且降低了重负载状态下的丢包率,有利于提高入侵检测系统的检测率。To solve the load balance problem of multi-engine intrusion detection system, a dynamic load regulation algorithm of detection engine was proposed. Firstly, load was calculated by monitoring each engine node. Then, the scheduling of the heavy load node was performed by scheduling the overload or no-load node as a scheduling opportunity, and the nodes were traversed to adjust the load balancing. As the session for the scheduling unit, the algorithm was not the absolute average load for the purpose, just to ensure that the engine node does not appear overload or no load to achieve the basic goal. The KDD cup99 data set was used to simulate experiment. The experimental results show that compared with average load allocation algorithm and secure load allocation, the proposed algorithm has a significant effect on session-based load balancing, the running cost is lower, and the packet loss rate under heavy load are lower, which improves the detection rate of intrusion detection system.
关 键 词:入侵检测 负载均衡 流量调度 检测引擎 会话调度
分 类 号:TP393[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.28