| IDS Technology is a new generation of security guarantee technology. It can efficiently recognize and response to user's activity on host and network resources. Not only can it detect the intrusion activity from outside, but also can detect the non-authorized activity from inner network.Due to the some normal IDS's low efficiency, high error report rate, bad self-security, this thesis has given out a new-type hybrid intrusion detection system (HSIDS) design with high efficiently, good self-security, combining the distrubited information gathering with the centralized managerment, and combining the NID and the HID. The detailed design scheme also has been presented.The HSIDS adopts the "Black hole" hidden setting, greatly decreasing the posiblity for hacker to discover and attack the HSIDS. Combining the NID with HID by system can lower the rate of Intrustion Detection reports missing and rate of error reports. Enhanced detection algorithm has raised the detection engine speed. Open detection rules are easy to upgrade, and has improved the detection capability. Security mangerment on web-mode can control security events in whole monitered network very well. Methods on combining passive defence with active defence have prevented system from intrusion effectively.This thesis has accounted for HSIDS design in detail, and has also given out validation and testing results to relative design schemes.
|
PDF Full Text Request