Research Of The IDS Simulation Model

With the rapid development of simulation technology, it is becoming a research hotspot in the network security domain to study and resolve the network security problem through network simulation. Model is the basic of simulation. The development of network security simulation is restricted by the absence of network security simulation model. IDS is a typical network security detecting device, the research of IDS simulation model has great significance to the discussion of network safety modeling method and the extension of network security simulation model.Based on the function modeling method and the network simulation method, according to the network security detecting mechanism modeling requirement, this dissertation discussed the modeling and validation problem of IDS simulation model. Firstly, the conception of network security modeling and simulation is analyzed, the network security modeling method is summarized, the modeling mechanism, model system and kernel module of OPNET are anatomized, its support capacity for network security modeling and simulation is analyzed.Secondly, the detecting mechanism modeling requirement and the complicacy of IDS is analyzed, the IDS modeling policy is studied, the IDS modeling process based on MDA is presented according to the software essential of simulation model exploiting and the determination of modeling and simulation relationships, the modeling method of every phase is ascertained, the configuration and mapping relationship of IDS simulation model is presented.Thirdly, the basic function of IDS is abstracted from the view of information transaction and network defense, a function decomposed arithmetic is designed, the lengthways function crunode-tree and the transverse function interfaces alternation connections is established, the IDS function model is formed, the formalization of function model is presented, the guideline of verification is ascertained, the syntax consistency verification method based on relation matrix and the semantic consistency verification method based on petri net conversion is proposed, and the validity of IDS function model is proved using the verification method mentioned above.Finally, the basic requirement of IDS object and program modeling, the object modeling method based on compounding and reuse policy is presented, the IDS object model is formed from the network domain, node domain and process domain, the critical technology of IDS program modeling is studied, the modeling and embedding method of custom application program model is summarized, the EDS program model is exploited, its validity is proved through simulation experiment.