| The net security seems to be a hi-technology digit seat of war where there is no smoke of gunpowder.Negative defense will only lead to be attacked and only depending on sealing off the existed system leaks can't solve information security problems.Today,the network security technologies,such as the firewall based on the access control,the encryption based on the cryptography,the VPN and the virus detection technology,can't adapt to such characters in the computer network attack-defense as the dynamic,the antagonistic,the uncertain and the unsymmetrical and so the intrusion detection technology comes to appear to meet this demand.As a positive and initiative security protection technology,the intrusion detection provides system the real-time protection to defense the inner and outside attack and the wrong operations and blocks and response to the intrusion before the network system is endangered.In this article,we set out from the intrusion detection technology and minutely analyze the reason there are too much alarm signal and excessive wrong-warning in the intrusion detection system and then advance the technology method to lower the wrong-warning.At present ,a vatiety of traditional static security defending system,such as firewall,identification ,data encryption and VPN,they can't completely solve all problems in the field of the Network Security.So,there comes the Intrusion Dectection Technology.The instrusion detection systems available can find the even of most network-based attacks,but can't judge the real locations of attackers.This paper presented a framework of nerwork attacker-tracing system.it then provided the system architure and listed the principal function.At last ,this thesis designs a distributed IDS and network Attack-Tracing System in windows including the system architure and lists the principal function and implements part of it.
|
PDF Full Text Request