| Along with the development of computer and network technology, Intrusion and attack aim at The System heightens, The ability of attacker, The methods become more and more secluded, But at the same time, Network security equipments have some shortage in test method, So the problem of network and information appears and it is very necessary for us to research network attack and prevention technology.The disquisition has two sections. The first section aim at the diversification, complication and concealment of Intrusion activity. Do some research on normal activity and intrusion activity of system and then put forward corresponding formal description model. During this section, author firstly illuminates the concept of four group intrusion activity. It is nuclear essential to research intrusion detection; Then simply assort existing intrusion detection which is in favor of describe attack action, at the same time distinguish normal activity from intrusion activity, thereby be help to design and realize the intrusion detection system; lastly using Petri net set up the describe normal action and intrusion detection model and method, in this way the complex and changeful things maybe have a very intuitionist description and it could be directly correlative to kinds of arithmetic description. On these basic we do some research to settle many attack strategy, diversified intrusion detection arithmetic. The second section is about capability test method. National network security equipments have some shortage in capability test method, especially haven't one test method of real world test, integrate with author's test experiments at lenovo academe and china mobile, put forward to capability test method of network security equipments in network layer and application layer. |
PDF Full Text Request