The Design Of Distributed Network Attack Detection And Defense System

Posted on: 2005-01-19
Degree: Master
Type: Thesis
Country: China
Candidate: H Ding
GTID: 2168360152465020
Subject: Military Equipment

Abstract/Summary:
With the rapid development of computer networks, information systems play a steadily growing role in supporting economic development, national security, and social stability. At the same time, the contest over acquiring and using information is intensifying, and the threat of attacks against information systems is becoming more and more severe. The ability to assure information security has already become an important symbol of national strength. Many security technologies now exist and a number of them are widely applied; firewalls and intrusion detection are the two most widely applied, but each has defects when used alone. The main subject of this work is how to combine these two security technologies to build a multilayer, integrated attack detection and defense system.

In this paper, we analyze firewall and intrusion detection technology in depth and summarize their advantages and disadvantages. On this basis, we propose taking the security management center as the kernel and building an attack detection and defense system by combining the firewall and intrusion detection in an indirect way. We present the model and structure of the system, design and implement the network-based subsystem and the packet filtering firewall subsystem based on NDIS, and give the design of the security management center. Communication between each subsystem and the security management center integrates several network security mechanisms, such as encryption, signature, and authentication. To improve the reliability, security, and efficiency of the system, we propose a two-stage correlation analysis model based on intrusion alerts, build a mutual-act model on top of this model, and present the corresponding description.

Finally, we summarize the work in this paper and outline prospects for future research.
Keywords/Search Tags: firewall, intrusion detection, NDIS, correlation analysis, mutual-act model