| Along with the Internet widely use and popularization, people pay more attention on the network security. The disfigurement when we designing protocol,programming language,network,operating system and other applications, uncorrectly configuration, slack maintenance of the servers and bad habit when we using computers. All of these are conducing the information system which seems powerful when we daily use but full of poles. If people touch off them, intended or involuntary, they will bring on tremendous loss. So It's very important to research the network security.Intrusion Detection is a whole new generation security protection technology which is after the firewall and data encryption technology. It not only prevent the outer invader but also detect the inner illegal access. It's meaningful and valuable to research it.According the problems which are existed in the classical intrusion detection technology, we give out a new intrusion detection system(IDS):MyIDS which is a distributed multi-data hybrid IDS in this thesis. Compare with the traditional IDS, MyIDS can assort with the hosts state, then all kinds of detected hosts can share their hosts informations with other hosts and they aren't information islands anymore. Besides the network engine's rules format adopt the dynamic rules and correlative rules set technology. This kind of technology can release the high False Negative rate because of high speed network.In this thesis,we first expound the design thought of MyIDS, then we pay more attention on the design and realization process of the MyIDS's network engine.We think this design plan achieved the goal which we expected according to our testing result which based on Linux.This plan is reasonable and meaningful to research it. |
PDF Full Text Request