| The network environment becomes more and more complex, and the new methods of attacks occur increasingly, therefore single security technology can't satisfy the need for network security of corporations. Intrusion prevention system (IPS) is fresh info-security technology to make up for the inabilities of firewall and intrusion detection system (IDS). Firewall is able to defense attack actively, and IDS has the ability to detect network traffic. IPS implements tightly interactions between firewall and IDS by integrating their advantages to provide more effective security protection. At the same time, honeypot is capable to detect unknown attack and vicious behavior through attracting the attacks from Internet. Thus, it can reduce the rate of positive negative and false negative.We present the research into and analysis of many kinds of security resolution in the thesis. Based on the analysis, we propose a security defense framework, in which IPS takes main role and honeypot is complemental. Meanwhile we give the design and implementation of the new network-based IPS. It integrates the technologies of firewall and IDS with honeypot. Relying on the cooperation between these components, it improves the active and real-time ability of intrusion response. Furthermore, it implements complete protection of network environment and improves the entire security.
|
PDF Full Text Request