CAJ | 학술논문

传统的网络入侵检测方法虽然可以检测到包含入侵信号的数据报文，但是检测速度和效率都难以适应高速的网络环境。论文应用否定匹配方法优化网络入侵检测中传统检测算法，设计了基于否定匹配的内容过滤算法，先对报文进行分段，然后过滤报文段内容中不含入侵信号的正常报文，再对怀疑含有入侵信号的报文段进行详细检测，提高了检测匹配速度和效率。
전통적망락입침검측방법수연가이검측도포함입침신호적수거보문，단시검측속도화효솔도난이괄응고속적망락배경。논문응용부정필배방법우화망락입침검측중전통검측산법，설계료기우부정필배적내용과려산법，선대보문진행분단，연후과려보문단내용중불함입침신호적정상보문，재대부의함유입침신호적보문단진행상세검측，제고료검측필배속도화효솔。
Traditional network intrusion detection method can be used to check the data message containing the intru‐sion signal ,but the detection speed and efficiency are difficult to adapt high speed network environment .Negative pattern method is used to optimize the traditional detection algorithm in network intrusion detection ,the content filter algorithm is designed based on negative pattern .Firstly ,the message is divided into segment ,and then the normal message segment which does not contain the intrusion signal is filtered ,the message segment which is suspected containing intrusion signal is checked in detail to improve the detection matching speed and efficiency .