ODD_NAD-The Design And Develop Of A Distributed Network Active Defense System

Recently, network security is becoming one of the most attractive subjects in thecomputer field. Therein, Network Active Defense is one of the most important aspects.Network Active Defense System is an intellectualized network-protection method. Itcan reduce network administrator's burden, and improve network's security. More andmore network-security companies devote themselves to the development of NetworkActive Defense System. But most of their products are not satisfied. Based on this, webring forward the idea of developing ODD_NAD. ODD_NAD is an open, dynamic, distributed Network Active Defense System. Itdetects intrusions by analyzing network traffic in real time, and responds the intrusionwith pre-defined actions. Depending on its protection, the Intranet can be safe from allavailable malicious access and attack. ODD_NAD has its own advantages, such asfacilitating operating, providing excellent flexibility and expansibility. In the beginningof this thesis, we introduce the basic concept of NAD (Network Active Defense). Thenwe describe the ODD_NAD characteristics, architecture (including physical architecture,logical architecture and software architecture) and implementation of current prototype.Finally, we display the application of ODD_NAD System. Chapter one describes the classification and form of the network-security systems,analyzes the advantage and disadvantage of all kinds of defense measures. In general,the traditional measures are not fit to today's network-security defense. Based on thispoint, we fetch the NAD system's signification and characteristics. Chapter two includes the ODD_NAD system's designing requests. An ODD _NAD system should be open, dynamic, distributed and active defense. Chapter three introduces the ODD_NAD system by the physical structure, logicalstructure and the software structure, and the functions and actions of every part of thesesystems. Chapter four focuses on the collective design. We introduce the blue print,macrocosmic model, the main manager's design patterns and models and the distributeddesign of the system to the ODD_NAD system. Specifically, the design idea and themain structure are emphasized. Chapter five focuses on the main function module of ODD_NAD system, whichincludes two issues: one is how the ODD_NAD systems learn the network action, and III重庆大学硕士学位论文 英文摘要the other is how the systems complete the active defense mission. Chapter six analyzes some algorithms of the system, namely, the distributed systemalgorithm, the protocol analyzing finite state machine algorithm and the encryptalgorithm used in the communication system. Chapter seven presents the test methods used in the ODD_NAD systems. Anapplication in a certain custom of china is also demonstrated.