| The evolution of Internet has brought wealth to human community, along with security problems. Network attack had become one of the most important fields in computer technology because of the popularization of E-Commerce. the most prevent attack is DDOS attack, so Researchers are putting more focus on security technologies.Faced DDOS attack, Most security-related products are passive. Firewalls only block access statically. Intrusion Detection Systems could detect intrusions dynamically, but fail to block the intrusion detected. Thus a new concept IPS, known as Intrusion Prevention System, was introduced. Integrated with a firewall and an IDS, the IPS could block the intrusion detected actively. However, the IPS serier-linked with system in traditonal , when ddos attack start with high stream attack in high-speed network it is has more error in node, the performance of IPS impacts network performance greatly. Especially on gigabit high-speed networks, performance is the major bottleneck of IPS systems.Based on current research work on security, this thesis extended current concept of IPS system, presented a IPS that prevent DDOS attack which based-stream tractor high-speed networks. Different from traditional IPS, it is more than a firewall integrated with an IDS system, with different of general IPS, This IPS parrlar-linked with system . use stream tractor to decrease the system presser and improve the performance. as soon as IPS is wrong , it's not expect the network. it has the probe collection.The thesis introduced the architecture of stream-tractor IPS system on high-speed networks, presented implementation details and related techniques. Integration of specially designed hardware and general operating system software provides maximum scalability and interoperability without impact of network performance. this system solved DDOS attack.Finally, the thesis summaried of based-stream tractor IPS and suggestions on future work were presented. |
PDF Full Text Request