| This thesis mainly introduces an intrusion detection system (IDS) design and development based on match tree algorithm in Windows XP. The purpose of developing this system is to resolve some defects of current network intrusion detection system and more research IDS. This thesis firstly introduces IDS fundamental, hacker attack principle and common attack methods. Secondly, this paper expatiates on the design and implementation. Finally, this paper summarizes mainly development drawbacks of current network intrusion detection system, puts forward some methods to resolve these problems and points out the research direction and development trend. So, this paper may act as a reference of researching network intrusion detection system.The Network Intrusion Detection System (NIDS) mainly includes six models: data collection model, data analyse model, intrusion detection model, intrusion trace and proof model, database model and response model. This system has a detailed and simple rules database and effective detection arithmetic. It can timely trace and identify hackers' intrusion actions. The system has features of high detection efficiency, good expansibility, maturity self-security and simplification and so on. This system may detect and response common attacks. If the numbers of attack are larger, it has better performance than Snort system on alert veracity and detection efficiency. The system can achieve prospective detection purpose. So, the system has better advantage than Snort system on detection distributed intrusion.
|
PDF Full Text Request