| As an important infrastructure in high school education and academic research, the campus net plays a significant role in the areas of teaching, scientific research, management and foreign exchange, etc. in colleges and universities. Along with the increasing expansion of the campus net, the unceasingly increase of the information quantity, the continuous development of issues such as resources sharing, network teaching, electronic commerce, work system, educational administration system which rely on the application of campus net, and the sharp growth of data on campus online, the security problems deserving attention are posed before the superintendents of the campus net.Traditionally the firewall is usually employed as the first defense line for network security. The firewall is a kind of passive protection technology, which can only carry on the control to the data input or output, but guard against the illegal visit internal with difficulty. The invasion detects system (IDS) is an important constituent for computer network security, for It can realize the function of real-time invasion examination, protecting itself automatically from attack online and serving as proper supplement for the firewall. Furthermore, the IDS expands the safety control abilities of system managers (including security audit, surveillance, attack recognition and response) and it enhances the integrity of the foundation structure of information security.The article hereby is meant to study on mixed type invasion examination and its realization in view of my school application demand under the campus net environment. It mainly introduces current situations and backgrounds home and abroad, plus elementary knowledge of invasion examination. When analyzing the traditional invasion examination model, it makes a comparison between the two models. It designs an overall model of the mixed type invasion examination system by careful weighing of the main engine invasion examination and the network invasion examination. Based on data gain, audit and management control, it devises three functions modules: Data packet capture module, data packet analysis module, management control module; and detailed instruction is given to each module respectively. For the consideration of security issues of campus net, it applies the mixed type invasion examination system to the campus net. On the basis of comprehensive understanding of the TCP/IP agreement, it describes issues like how to realize the data capture module, the establishment of characteristic storehouse, the data packet analysis module, the designing thoughts of management control module as well as the experimental uses on campus net in C programming language. In the end it puts forward the next step of research work, pointing out that the research of the topic hereby is only about a mix invasion examination system model, while there is much needing improvement in practical application, among which there are matters such as satisfying platform scope demand as well as serviceability demand after the emergence of the new operating system. |
PDF Full Text Request