| With the rapid development of computer technology, network and information security issues, especially the host's security problems of information service node, is increasingly becoming a threat to Internet security development. This paper analyzes the current security situation of information service node, points out that the passive means of defense can no longer meet the current actual needs of security and defense, introduces the research situation of the subject at home and abroad, determines the system's design objectives, represents the design ideas of information service node of host-based intrusion detection system, and discusses the key technology adopted by the system.The host-based intrusion detection system of information service node designed by this paper is seen as a last line of defense, defenses from the system layer, provides a safe operating environment for the activities of information service node. In the protection of the underlying operating system, this paper uses credibility authentication technology to ensure the underlying operating system procedures. In order to ensure the stability of the system, the host-based intrusion detection system of information service node also uses virtualization technology to ensure the operating system to quickly return to pre-attack state. Taking the technology of black and white list in applications, the traditional features scanning and intelligent behavior detection, it can accurately determine the known and unknown attacks. Using of the technology of process isolation and defense of stealing private information, it prevents the information leak. In protecting the key resources of the operating system, the technology of access control is also taken to prevent the malicious code to undermine the integrity of the operating system.At last, this paper summarizes the work and presents the needed improvement of host-based intrusion detection system's design information service node. |
PDF Full Text Request