Design And Implementation

Posted on:2009-03-12

Degree:Master

Type:Thesis

Country:China

Candidate:C Jiang

Full Text:PDF

GTID:2178360308979495

Subject:Computer application technology

Abstract/Summary:

PDF Full Text Request

With the increasingly complicated situations of internet security, the security techniques are expected not only to detect the attacks known to us precisely and quickly, but also to be able to take precautions against and prevent the ones unknown as well as the prompt and accurate response power. As a result, IPS is put forward to strengthen IDS and the security by the firewall, which can work out the solution through the combination of various security techniques.IPS is a new concept in internet security. Compared with fire walls and IDS, IPS is more active and more intelligent to protect the computer internet system against the unknown attacks.The IPS goal is the protection, this is to audit differently with the traditional IDS examination's goal. IPS selects the embedded online movement method, can look like the firewall equally real-time to block intruder's attack. At the same time, the access control and will analyze examines two module conformity in a system, will realize the dynamic real-time change access control strategy through two module's clasp, has realized two kind of technical survival of the fittest, will thus enhance the system overall the safety protection performance. That is IPS does not need to intervene artificially, can along with the network environment change, but changes unceasingly, has certain auto-adapted ability, may renew the access control rule storehouse automatically, obstructs the attack automatically, has the high initiative and pointed.This article has carried on the discussion to the IPS research and the design, in the PDRR dynamic network security model's foundation, take the dynamic defense, the whole defense, defense in depth's thought as the basis, has analyzed the key technologies which as well as the superiority and the existence question the IPS basic principle, the security policy, use, and to one kind basic based on network invasion defense system NIPS (Network-based Intrusion Prevention System) the design with realized has done the preliminary study. In the article has mainly studied the depth content search technique and the behavioral analysis technology two big foundation examination technology and access control strategy realization, the BM algorithm and the improvement of BM used has further discussed.

Keywords/Search Tags:

IPS, NIPS, PDRR, IDS, Dynamic security policy

PDF Full Text Request

Related items

1	Research Of Policy-based Reconfigurable Intelligent Security Defensive Software
2	Research And Application On Policy Based Self-Adaptive Network Security Management
3	Research On Commercial Security Policy And Its Formal Analysis
4	Statistical Analysis Of NIPS Conference Papers Based On Document Feature Space
5	Research On Technology Of Security Policy Transformation
6	Research On Policy Framework And Some Of Its Key Technologies For Network Security Management
7	Research On Policy Based QoS And Dynamic Resource Management In Mobile IP Network
8	Research On Network Security Policy Change In Perspective Of Advocacy Coalition In Liaoning Province
9	Research And Design Of Security Policy Dynamic Analysis And Configuration Based On SEAndroid Set-top Box
10	Security Policy Formal Definition And Management System