| With the rapid development of information technology and Internet, the security problem of computer network and information system becomes more and more serious. Most conventional security techniques are static mechanism and are limited to Protection phase, which can't satisfy the increasing demand for network security. As a primary technique in detection part of P2DR model, Intrusion Detection System (IDS) can efficiently recognize and respond to the actions of network and hosts actively. Thus it can detect intrusion and misuse to provide a sufficient protection to network security. According to the research results which the project team has been completed, this dissertation studied and improved the Dynamic Extensible Net Intrusion Detection System with data fusion technology. The main content of this dissertation is:①According to the original project results -- the Dynamic Extensible Net Intrusion Detection System, based on the study of the theory of Mixed Intrusion, this thesis has given out the system architecture of Mixed Intrusion Detection System (MIDS).②MIDS combines data from the network and the key hosts as its source and introduces a double-layer mixed analysis method as its detection method. The united analysis module adopts Dempster-Shafer evidence theory according to the theory of Information Fusion.③Bring into three subsystems: Data capture subsystem, data analysis subsystem and the respond subsystem. Finally, MIDS is formed in Windows.Testing the MIDS and the Dynamic Extensible Net Intrusion Detection System in true environment with function testing, data set attack testing. And analyzing their performance showed that the MIDS can meet the need of detection than the Dynamic Extensible Net Intrusion Detection System. |
PDF Full Text Request