Design And Implementation Of Intrusion Detection System In The Console Management Functions

As the computer becomes more and more popular, and the fast development of the computer network,people become more and more relied on it. However, traditional security defence technique is static, such as hardening technique of operation system and isolation technique of firewall,etc. and lacks active responses to attacks in changing environment of network. Intrusion Detection System is a kind of network application system, designed to efficiently inspect or identify all inbound and outbound illegal network activity by information, for instance, traces left by attackers or features of digital bags. It takes detection and control as the technical essence , to perform the function of active defense, it is one of the core technology of dynamic network security.The intrusion detection is considered to be the second safe gateway after firewall,can inspect the network under the situation that do not influence the network function,thus provide a protect in time to interior attack,exterior attack and misusing operation.The console is an important part of an Intrusion Detection System.With convenient operation interface , it can manage the remote sensors,gather the warning events reported by each sensor, and carry out functions, such as search of log,log backup,log recover and making report form;it also can manager rule database,including update rules , add rules and search rules. The important design of console are manager of user, sensor, rule, log and event analysis.This paper is organized as follows.Firstly, we introduce the basic concept and some related technique of Intrusion Detection System .Then we analyze the realistic background of the Intrusion Detection System,facing challenge and its' trend.Afterwards,we analyze the key technology,such as SSL and data mining algorithm of association rules, which will be used to carry out the console of the Intrusion Detection System .Finally we work out a detailed design to develop the Intrusion Detection System ,including several module detailed design.This topic applies the thought of the software engineering, carrying out a detailed design to the user manager module ,sensor manager module,rule manager module,event analysis...