| With the spread of network application and the continuous development of network attacktechnology, all social circles have paid close attention to the network security technology.Network prevention begins to appear more comprehensive and solid because the separatenetwork security solution can't satisfy the need. IPS is a rising active prevention system whichintegrates multiple technologies such as intrusion and prevention technologies to make up for adeficiency of a single security technology. Therefore IPS becomes a dynamic network securitysystem.The main focuses of this thesis are the research and implementation of IPS based oninteraction. Firstly, IPS's research significance is concluded according to the current situation ofnetwork security. Conceptions, classifications and relative merits of intrusion detection andfirewall are analyzed. IPS's feature, classification and methods are researched, at the same timethe primary problems and future trend are discussed. Linux firewall's framework and expendtechnology are researched. Then the framework and basic function modules of a NIDS whichbased on interaction of IDS and firewall are proposed according to the system design principles.In this part of the thesis, the key technologies are elucidated, followed by design andimplementation of each module. The main algorithm process and important data structure ofeach module are described in detail. Rule set is optimized in the packet filter module. Finally,summary is given, and according to the shortage of this NIDS, some suggestions for improvingarealsopointedout. |
PDF Full Text Request