| In recent years, university libraries in order to better serve the school, a lot of money to purchase a large number of electronic resources to meet the teaching staff and students on the demand for original documents at home and abroad, to enhance the university's teaching, scientific research has played a positive role.But some readers to download the tools often used data bulk download the full text journals, which constitute a malicious download. Once found the database provider will block the user IP, or block the IP segment, causing the entire database unusable. Seriously affect the normal teaching and research universities.In this paper, the open source intrusion detection software of Snort, the use of the concept of intrusion detection systems and detection methods, acts against malicious downloads, combining characteristics of library network was designed to download malware detection system university library. Achieved as planned intercept data packets, packet parsing, statistical analysis, the network source tracking system module, tested the system can detect, locate the source address of a malicious download to achieve the desired results.In the testing process in the University Library Malicious Downloads Detection System to produce a large number of false positives, this study and tested the system omissions and false issues, and with the detailed rules and packet filtering technology to greatly reduce false positives generated by the system. |
PDF Full Text Request