| With the rapid development of computer and network, when more and more companies and users surf Internet, network security becomes a unavoidable problem that people have to face. Firewall is the first line of defense traditionally, now single firewall can't protect network security when the hacker have more and more enriching knowledge and attack tools become more and more complex. It is necessary to adopt a deep and multiplex method. As a important component of detecting illicit activities it aims at computer and network preventing them from being destroyed, intrusion detection was born under this background. Intrusion detection has been a active research field since 1980's.Firstly, in the paper I introduce network security problems and the method the network security aim at, network threaten. Secondly I discusses the IDS in detail, including the reason, the functions, the standard, the classification and so on. Thirdly I research the shortage of the IDS and the future way. Next, I design a network-based intrusion detection system, which is composed of seven parts. I design and realize these modules. The system capture the network packet with the help of Winpcap, then analysis the packet, mainly analysis IP, TCP,UDP and ICMP protocol, and then display the data and store the data into the logs that may be analysed anon. And I design a intrusion detection language, and realize a intrusion detection database. After the network packet was captured ,it match the packet. If matching successfully, it is meaned there is a intrusion, or it is right.In the last, the paper point out the future way about the system. |
PDF Full Text Request