| With the development of computer technology, security has become an international problem, every year it resulting into billions of dollars economic losses. In order to resolve the computer and network security, a variety of security mechanisms, policies and tools are research and applications. Intrusion detection in the field of network security is a relatively new security mechanism.This thesis has designed and implemented a pattern matching network intrusion detection system, the system analysis the principles and procedures of the attack, extract relevant features, establish signatures database of the attack. When detect intrusion event, this system match pattern, generate alerts, and display.The network intrusion detection system Based on pattern matching divided into four parts:packet capture module, preprocessing module, check module and the output module. Packet capture module using WinPcap capture all the packets as much as possible, it supply data source to intrusion detection system; preprocessing module greatly extends the network intrusion detection system, users and programmers can easily join the modular plug-ins, which can modify or analyze packets before detected using different ways, thereby increasing the accuracy of the detection module and speed. Check module to intercept the data analysis and pattern matching, when the packet matches the attack mode, generate alerts, it is the core of intrusion detection systems;output module display the result based on the different needs. |
PDF Full Text Request