| Since the computer comes forth, the security problem has been existing. With Internet rapid expansion and with the rise of the electronic commerce, people find it is important to protect the security of the data. Mentioned the network security, people will think of the firewall at the first. Although the firewall can protect the unexpected access request from entering into through adequacy configuration, it can't check whether the data streams passed it have malice codes. Therefore, Intrusion Detection Systems (IDS) emerges.Instruction detection technique is an important component of the computer network safety guard system. The research and application of the intrusion detection has become an important subject in the network safety field.This article analyses the various network protocol including APR, RARP,IP,TCP,UDP,ICMP based on the internet protocol. The thesis does some specific application researches on the light intrusion detection system Snort, analyzes the structure of the system, the methods of dealing with the rules and its working procedure and comes up with a new match rule for the algorithm, which realizes and further expands the analysis and recording rules of the network data. Using the Mysql database technique, the article develops a platform of safety detection management, making the detection of the flowing amount of the different switch ports possible, thus further perfect the detection function of the system. In addition, snort could be expanded and transplanted and this software conforms to the GPL which allows any organization or individual to use their products.The detection engine is the core of snort. Exactness and quickness is the two important measurements of its performance. Exactness depends on how exact the software can extract the features of the intrusion and how simple and practical the software can write the rules because the network intrusion detection system works passively which could only... |
PDF Full Text Request