| Intrusion detection is an important task in the field of information secutiy. It developed in the 90's. For its difficulty and featuring a wide range of scientific fields, few successful intrusion detection systems are seen in foreign countries. Intrusion detection technology is that one kind protects oneself from a kind of network safe practice attacked voluntarily, continue the security technology of new generation after the traditional safe protective measure, such as fire wall,the data encrypted etc. As rational supplement of fire wall, invade detection technique can help the system to deal with attack of network, expand security managerial ability of system manager, raise the integrality of the safe infrastructure of the information.First, this dissertation analyses and summarizes the current status of intrusion reaserch, focuses on discuss many kinds of IDS algorithms, at the same time, we analyse their virtue disadvantage of them. Second, this dissertation surveys the pattern matching algorithms such as BF,KMP,BM and analyses the performance of them. Then we provide some improvement for KMP algorithm and BM algorithm, and the advantage of the improved algorithms in time complexity is proved by experiment. Third, Snort, as a kind of lightweight network intrusion detection systems, is detail discussed about characteristic,system framework,operating principle and rules. Then it is optimized on visual beginning interface and alarm analyse platform. At last, the analysis of the advantages and disadvantages about protocol analysis and the pattern matching is given. And the detection method of combing protocol analysis with pattern matching is used in the design plan of data analysis module. |
PDF Full Text Request