| Intrusion Detect System is an important security technology to go on with Firewall technology. It can make real-time direction and supervisory to the system in the whole process of out-invasion. Intrusion detection system can detect Network Intrusion and drive it out taking advantage of early alarming system before the occurance of invasion danger. In the process of Network Intrusion, IDS will alarm in time and reduce the loss to a munimum. After Network Intrusion, IDS will collect information on intrusion, as intrusion characteristics, added to the knowledge base, to prevent system against it.This article investigates the current situation of network security, the methods of network intrusion and the importance of network security, on the basis of the situation and development of IDS home and abroad. In addition, it introduces the definition, function and composition module of IDS. This article brings IDS of Windows platform into effect based on the WinPcap kit. In the process of the system development, we Snort rule set, to ensure the economical efficiency of the system development, but also to ensure the safty and efficiency of the system operating. This article anlysizes and compares the kinds of model match algorithms, uses the high efficient ACBM to realize module match, so that our system has a high efficiency. To prevent the loophole in the system development, the design also adds the update module, for updating of the system in the future. It will provide long-term security for the computer system. In the end, We detect the performance of the IDS for the design, compare the difference between the system and intrusion detection system, in order to make sure the computer system will be protected efficiently. |
PDF Full Text Request