The Research Of Intrusion Detection Technology And Its Application

With the accelerating development of information era, computers and computer networks are used more and more widely, and they connect more and more tightly with the daily life of mankind. At the same time, attacks upon networks are increasing very fast, computer criminal events occur quite often, and network securities are seriously threatened.This paper analyzes the tendencies and types of attacks upon networks, including denial cf service attack, e-mail attack, information-collecting attack, Sniffer technology, and attack toward http service. Among them, denial of service attack is the most common one. Though its way of attack is simple, it is more difficult to defend. It prevents the service of target computers through their collapsing. Information-collecting attack is often prepared for other kind ones. It can find the systematic features of target computers through scanning, and loopholes of the system. Sniffer technology is not only used for attacks, but also used as technology of invasion detection by defenders.Connecting with my own work experience, based on the research of traditional security techniques, this paper mainly analyzes the technology of invasion detection. Anderson provided the earliest description of invasion detection in 1980. Denning wrote an important paper "A Model of Invasion Detection" in 1987, giving the model of anomaly detection for the first time and then expert system of intrusion detection was developed. Now, as the key technology of dynamic security defense system, intrusion detection complements effectively those traditional security defense techniques. It is a kind of security system protecting network resources initiatively, and also the last defense line of network protection. Its main function is to identify all those intensions of intrusion, intruding activities and finished intrusions.This paper concerns firework by comparing firework with intrusion detection, and describing their interactive relationships. A new intrusion detection method based on security log is also regarded as complement to intrusion detection in this paper after analyzing the shortcomings of intrusion detection, and this is a kind of new thinking.In the application part of this paper, the author regards network security as an integrated engineering project according to the theory of systematic security defense. I design a security defense system for the specific IDC circumstance of my own...