Research And Implementation On NIDS Improvement

Posted on: 2007-01-22
Degree: Master
Type: Thesis
Country: China
Candidate: Y Sui
Full Text: PDF
GTID: 2178360185954114
Subject: Computer software and theory

Abstract/Summary:
With the development of Internet technology, threats to network security are becoming more and more serious, and network attacks cause a great deal of damage to users. A firewall alone cannot defend against complex attacks, so intrusion detection technology has emerged to meet the need. NIDS (Network-based Intrusion Detection System) is one realization of IDS (Intrusion Detection System), and it has better prospects than the others. However, as an important component of the network security system, the IDS has not worked as well as hoped in practice. This paper puts forward some ideas for improving NIDS.

First, the paper identifies the essential problems of current NIDS by analysing the architecture of a classic NIDS. They are:

1) Too many false alarms and missed detections, an overwhelming volume of information, and low efficiency.
2) It is too hard to distinguish which information is important.

The paper then studies Passive Host Characteristic Information Discovery, which supports the improvement of NIDS in theory. The principle of the NIDS improvement is: "NIDS knows more, NIDS does better."

Furthermore, the paper designs and implements a prototype system based on Snort, a well-known open-source NIDS package. The improvement centers on NEI (Network Environment Information), which describes the state of the current network and represents what the NIDS knows about that network. The system proposed in this paper implements the improvements with the purpose of defining, finding, and maintaining the NEI.

Finally, the paper tests and evaluates the effect of the system. Conclusions are drawn, and further ideas are discussed as future work.

In conclusion, this paper analyzes the essential problem of current NIDS, which suffers from too much invalid information. The NIDS knows almost nothing about the network environment. The paper also proposes improvements that allow the NIDS to discover and analyze the Network Environment Information and to work more specifically and effectively.
Keywords/Search Tags:NIDS, Intrusion Detection, Passive Network Discovery, Data Validity, Network Environment Information