| With the popularity of the Internet techniques,network security issues more and more attention has been paid, which have gradually become the focus of everyday life.Traditional network security technologies are protective, that is, by using firewall for security and defense measures.However, in the face of the network size enlargement and the development trend of the invasion,the firewall as the main defense technology appeared to be inadequate, resulting intrusion detection technology.Firstly,this paper introduces the historical background and development status of intrusion detection technology,summaries the basic theoretical knowledge which related to intrusion detection, fouse on the system architecture and operating mechanism of host-based intrusion detection system (HIDS) and network-based Intrusion Detection System (NIDS).secondly,choose intrusion detection software Snort as the object of study because of its lightweight and open-source.and studying system module institutions and rules of protocol analysis of Snort.In the section of pattern matching algorithm and improving.comprehensive introduction and analysis of more extensive used of several single-pattern matching algorithm and multi-pattern matching algorithm,proposing a new algorithm which combining matching algorithm of multi-mode AC-BM algorithm and single-mode matching algorithm BMH algorithm, as well as the SUNDAY algorithm.By Experiment comparison,proving the feasibility and efficiency of the new algorithm.The core design to improve the algorithm for a snort-based intrusion detection system.can complete a series of functions from network capturing to real-time detection and successful implement of this intrusion detection system.In the final stages of the paper,summarizing some of the shortcomings of the system design and future follow-up, and pleasing expert teachers to give criticism and correction. |
PDF Full Text Request