| With the overwhelming development of the information world, more and more government, military forces, corporations and individuals are interconnect with Internet, and brings with the corporations significant opportuneities. But at the mean time, people's high dependency on the network and the world wide sharing of information means we had to confront with more serious security risk and need to take more adamant action to defend our security. Intrusion Detection System is such a defending machanism that provide an active defending technology. It provides protection to inside attacks, outside attacks and mistaken operations, and can prevent and response to intrusion before the network is compromised.Now, many security research orgnizations and security product corporations had shift their core research direction to the research and development of Intrusin Detection System. But intrusion response is always a difficulty in the IDS development, and there is no product had a perfect response system. While a system can't response the intrusion in time after they detect intrusions and take effective actions, the Intrusin Detection System will has little meaning. Therefore, as the detection technology's enhancing, the emphasis of IDS's research will switched to respons mechanism.Based on the deficiency of current intrusion detection product on thepart of respondse, the system deeply analysed and discussed the character and deficiency of the current product, and designed and implemented an intrusion response management system. The thesis through synopsis introduction to the intrusion system and thorough research to the intrusion response technology, emphasized the correlation questions of system design and implemnt. Considering system security and operation's simplicity, the system had adopted the win2000 platform and used Java to do the development work. Through design the sub system of the database management, log management, rule configuration management, alert management and correspondence management, the system accomplished a function integreted dynamic intrusion response control system. The system could convenient log query and analysis, add a new rule and could executeactive response mechanism to the intrusion action, and achived the target of response to variety level and form of detected intrusion accident.The system had exellent easy transplanting property, expansibility, easy operation property and highly security. Simutaneously, system's test running also proved that the system possesses exellent response function, and completely achieve the propect target. |
PDF Full Text Request