| With the rapid development of network, the security problems is increasing. To defend the network,different security methods have been used, one of which is the Intursion Detection System(IDS). IDS have two types, one is the Network-based IDS(NIDS) and the other is the Host-based IDS(HIDS). As the NIDS could be accurately defined, easily deployed and has good performance, at present, it is used widely. In this thesis, an open source-code NIDS system, the snort, is discussed to give some methods to improve the performance of intrusion detection. snort is an open source IDS that is based on network payload.The main work of this paper:In the first,based on the analysis of snort and the application layer protocol analysis technology in the third-generation ids system,The detection technology based on network payload and the protocol analysis technology have be compare. The scheme of the third generation IDS using the protocol analysis technology has be design. Secondly,The application layer protocol analysis module using netbee develop kit has be realized, it has be embed to snort to realize the IDS. The realization of some key function modules and data structure has be give.In the test,the system is success to get the applicaton layer protocol data and transfer it to detection engine. |
PDF Full Text Request