| With the rapid development of information technology, computer network security has become one of the most important factors of national safety. Being an important ingredient of network security system, Intrusion Detection research is significant both in theory and practice.The characteristic of campus network is that massive traffic of user, the long on-line time, the high rate of user on-line and the complex application of network. The potential risk campus network faced is involved with data information stealing and network facility intrusion. To overcome these problems, we develop this campus network-based intrusion detection system using Linux developing environment.The main work mentioned in this paper is carried by using the intrusion detection techniques synthetically:1. Introduce the conception, the elementary model, the history and the classification of intrusion detection technique. The developing trend of intrusion detection technique is also summarized in the first part of the thesis. The intrusion detection system supporting IPv4, IPv6 and transition mechanism is designed. By analyzing the capture procedure and bottleneck of Linux operating system we point out that using technology of NAPI,Memory mapping can increase the capturing efficiency and detection accuracy which result in the low rate of error report, lose report.2. To overcome the pattern matching problem and the incapability of intrusion data analyze of Intrusion Detection System, we develop a new IDS model. Using the protocol analysis method this new IDS model can enhance the capability of intrusion data analyzing and can also control the network traffic by combining the network traffic prediction model. The tests done show that the new IDS can efficiently protect the campus network, so most existing network attack and intrusion can be detected and protected in time. |
PDF Full Text Request