| With more and more important information in the computer and the Internet system, the problem of Internet security focuses more and more people's attention. We have to find better measures to protect the system from being intruded by others. The technology of intrusion detection has already turned to be the new point of the research in the Internet security. However, not only from the dimensions but from the methods, the intrusion technology alse has a rapid improvement. Now, it will be the new way in the research of instrusion detection, that how to build a system which is distributed, real-time, dynamical defense.Firstly, this thesis researches the intrusion detection system in detail from the datasource, the way of detection and so on. What's more, we emphasize on the problems in IDS and discuss the main technology of IDS development.Secondly, according to the shortage of IDS, the thesis intruduces and analyses the distrubuted middlemare technology—CORBA. Resultingly CORBA has it's own software bus point, it can easily solve the problem about the capability of heterogeneity and adaptability. And it discusses the security of CORBA. Because of CORBA's good performance in the real-time, this thesis proposes to mix expert system for misuse intrusion and data mining technology for anomaly intrusion from the detection measure, in order to improve the system ability of analyse and adaption to the new intusion.Finally, based on the research above, it designs a distrubuted network intrusion system, using CORBA, CDNIDS. The system architecture, cummnication model, fuction model are all described in detail, and this thesis also proposes the IDL code which is the key in the system communication, and analyse the key technology of the implement.CDNIDS is extensible in structure, adaptive in new intrusion an heterogeneous in platform. It has also promising application in complex network.
|
PDF Full Text Request