Research On Data Collecting Technology In Intrusion Detection

Posted on: 2006-05-05
Degree: Master
Type: Thesis
Country: China
Candidate: S Feng
Full Text: PDF
GTID: 2168360152470666
Subject: Computer application technology
Abstract/Summary:

With the rapid development and widespread use of the Internet and its technologies, we depend on it more and more, and information security has become a pressing concern. Traditional encryption and firewall techniques cannot fully satisfy security needs, while intrusion detection technology shows its importance as a method of active defense.

Snort is an open-source network intrusion detection system, which gives people worldwide the chance to study and maintain it. Snort is a typical network intrusion detection system whose design principles and implementation characteristics are the foundation of most commercial applications today, so research on Snort is significant.

First, the paper introduces the basics of intrusion detection systems, their background and history, and their current state and trends.

Second, the paper takes Snort as its research subject and analyzes its composition and working pattern. The basic framework and application of Snort are discussed. In particular, after studying detection techniques such as the Boyer-Moore algorithm and the AC-BM algorithm, their drawbacks and methods of improvement are pointed out.

Third, the paper describes the configuration of Snort in detail, tests Snort's performance and identifies its current problems.

Finally, the paper researches data collecting technology. In this part of the work, we analyze the most common network intrusion, denial of service (DoS), and conclude that one reason for the intrusion is fragmented datagrams. We study and improve the present data collecting algorithm. Taking the fragment reassembly plug-ins in Snort as an example, the process of reassembling fragments is described.

The concluding chapter compares present intrusion detection systems and indicates further work.
Keywords/Search Tags: Intrusion detection system, Snort, data collecting, fragment reassembly