Research,Design And Implement Of Intrusion Prevention System

With the increasing number of cyberthreats around the Internet, such as the fast spreading worms, the need for new technologies that could prevent these attacks from occurring is real. Thus, a new technology was born trying to join all resources of those well-designed but not completely successful technologies into one: an Intrusion Prevention System or IPS. IPS is defined as any device (software or hardware) that has the ability to detect known and unknown attacks, and prevent the attack from being successful. The technology is optimization and combination of the firewall technology and intrusion detect technology. Different IPS has different realizing method. The common ground of different IPS is that all combine the prevent function of the firewall with the network data packets detect function of the intrusion detect system. Operating with each other, the firewall and intrusion detect system provide more complete protect for the network. This project mostly concern design and implement a kind prototype system of IPS.At the very beginning, this paper introduces intrusion detect technology and firewall technology relating to the topic, and gives a thoroughly overview of network hacking methods and defending ways.Then we research the status of intrusion prevention system, and indicate the development direction. We expatiate about the system design project of intrusion prevention system. We give the construction and work flow, bring forward a intrusion prevent system frameworks. This framework can provide complete protect environment for the system and improve the entire security. The main data structure is declared also. Then we detail how to design the core moduleAt the end of this thesis, the testing result of a kernel module in this system has been illustrated. A brief prospect for the future extended development on basis of existing system has been shown.