| With the development of Internet, there are high demands for Internet applications. The network services, such as E_Bank and E_Commerce are becoming the part of life. And network attacks that intrude our system or get our information are increasing. People have realized the importance of network security.The traditional technology such as Firewall, Access control , Identification, Encryption provide safeguard for network, but they focus on the protection of the systems, the only defending easily leads to aimless construction of system, there are disadvantages in the protection of network for the firewall, the firewall is based on the address of IP, it only defends the attack from the outer intrusion, and there are defects for Firewall .Access control and Identification .Because the old security theories and technologies are limited in the environment of the current network, the advanced theories and technologies are needed greatly; presently the intrusion detection is the better technology for protection of network. The research and implement about the IDS are becoming important.The IDS is a system, which can protect our information. It can monitor our systems or networks. And many attacks can be orchestrated over a wide area network, and over a long period of time. It can timely detect the user' s misoperation, the outer and inner intrusions. When the damages happen it can respond actively, including inspecting and identifying intrusion, Identifying hacker, providing more information about intrusion, preventing from more attacks. Presently there are two technologies about intrusion;including Signature based Detection and Anomaly Intrusion Detection. At present, the IDS is developing, it has more defects. The last scholarship and application of the IDS, including detection means and architecture etc, were traced and studied in this thesis, the rate of Misuse Detection for the IDS is higher; improving the capability of the IDS is very necessary. Presently many systems focus on the particular analyzing, they can' t work in the large-scale network, and we should pay more attention to the network' s flux, and study the rule and the character of it.The environment of study is the network of campus, there are the Broad Bands, many computers, many users in the campus' s networks, and they are the bases of the Denial of Services. Then, aiming at the characters of campus network security and familiar Denial of Services, the network abnormal intrusion detection system based on the monitoring of network' s abnormal flux was advanced. I have designed the architecture of system, and have finished the system partly, the system including collecting data, analyzing data, analyzing abnormity, alerting. The system is based on the acting of network, there are rules for the network' s act including flux of network, in the long period it has the stability and rules, but in the short period it has the accidents. If we exclude the influence of Denial of Services, the curve of flux is consecutive. When intrusions happen, the swing of curve will become bigger. The accidental action of user, the Denial of Services and the virus of network have affections on the flux. Because we don' t know the actions of flux for the future, we may forecast the action of network by means of the periodicity of network.The system has been finished, Collecting Data is the base of system, it provides the necessary information for Analyzing Data,Analyzing Data is the most important part in the system; it analyzes the abnormal flux of network, and calculates the degree of abnormity. When the value of abnormity is bigger than the threshold, Analyzing Data mainly raise the alarm and give the particular information of alarm to Analyzing Abnormity. Analyzing Abnormity analyzes the particular information of alarm by the particular arithmetic, and judges the true intrusions.In the environment of campus, the author have tested the system, the system has ideal functions of detecting. I get a lot of important information of network by the system; I beli...
|
PDF Full Text Request