| The network information system security is a very complicated problem. It involves technology, management, usage and etc. The technique of intrusion detection and intrusion prevention has become the new generation information security technique. It actively identifies the malicious usage behavior of information system and actively responses to it. The IDS(Intrusion Detection System) and IPS(Intrusion Prevention System) not only detect and prevent the exterior network's intrusion behavior, but also keep watch on and prevent the internal network's mistaken operations.This paper firstly summarizes the traditional network information security techniques, the common intrusion methods and their countermeasures. Then it discusses the intrusion detection system's evolution, classification, detection methods, standardization and etc. Aiming at the new encountered problems about intrusion detection, this paper brings forward a design project of the intrusion detection system. It mainly includes the design of the whole system structure, the improvement of analysis subsystem's structure and detection methods, the design of honeypot and trap subsystem (including IP trap, service trap, file trap), the research of load balance about IDS, the protection for IDS self security with the novel techniques. In addition, this paper discusses the intrusion prevention technique from the aspect of intruder traceback and joint prevention. It puts forward a novel idea about IPS (Intrusion Prevention System) and designs a frame model about cooperation between IDS and dynamic firewall, a frame model about cooperation between IDS and router. This paper also designs a frame model about the Intrusion Prevention Protocol(IPP). Finally, this paper discusses the problems which IDS is presently faced with and the development trends of IDS.
|
PDF Full Text Request