| With the rapid development of network technology, the phenomenon of spread of computer viruses and network intrusion attacks also occurs frequently, Malicious attackers on the network are also increasing, which makes the importance of network security become more apparent. But traditional security defense mechanism mainly makes use of safety treasures of information encryption, identity verification, access control, security router, firewall and visual private network etc. to protect computer system and network infrastructure. Once the intruders make use of vulnerable program or system vulnerabilities bypass these security treasures, they can gain unauthorized access to host and cause the system to collapse and losses. Relying solely on traditional static security technologies such as firewalls, data encryption, and authentication is difficult to guarantee the security of the network. Then, the intrusion detection as a new generation of security assurances technology appears, which can provide dynamic security protection for hosts and networks. It can not only detect the intrusion from outside, but also it can provide effective supervision on illegal communication.Intrusion detection system can find unauthorized or malicious network behavior, illegal and legal behavior can be distinguished that is prerequisite, and that is to say, the nature can be analyzed by extracting the pattern features. In this thesis author designs an intrusion detection system based on pattern matching, which uses efficient BM (Boyer-Moore) string matching algorithm, achieves real-time detection to intrusion and takes protective measures in a timely manner, thus, to prevent intrusion hazards events to further expand, which has a very important practical significance to the development of network security.The main work is summarized as follows:1. Introduction of significance and the current state of research into an intrusion detection system based on pattern matching. 2. Research on what how to get the data descripting of network intrusion behavior characteristics and how to use the feature data accurately judging the nature of the intrusion behavior.3. Careful and further analysis of the features of pattern matching algorithm and designing methods of the system of intrusion detection.4. Realization by using C-language under the Fedora-Liunx-9based on requirement analysis, system design.The program’s graphical interface is designed with Glade and GTK+. System intrusion signature doesn’t use database implementation, but simply uses the file simulation. Ultimately, the effect of the program is divided into two parts:One is to add features to the file through the front; Second is to detect the intrusion, and start the firewall to block communication with the intruders. |
PDF Full Text Request