| With the rapid development of the Internet, the Internet no longer means only the interconnection of PCs; it also includes interconnection with mobile terminals (the mobile Internet) and sensor networks (the Internet of Things). However, as a variety of services and applications have gradually flooded the Internet, network security issues have become more and more serious. It is no exaggeration to say that wherever there is a network, there is a network security problem. The intranet security terminal suite discussed in this thesis is designed to make up for the shortcomings of existing virus, Trojan horse, and content monitoring systems. First of all, this thesis studies in depth the related theories of network security, network packet capture technology and capture mechanisms, and intrusion detection. Through careful analysis, the theoretical basis of this study is then determined. Secondly, this thesis gives the system structure and detailed design of the intranet security terminal suite, including the following. First, it gives the design of the data packet analysis module: it discusses the hierarchical structure of the TCP/IP protocol suite, the main protocol types, and the protocol header formats, and then gives the protocol header formats a structured definition. Second, it gives the design of the data packet capture module: it discusses the BPF network packet filtering mechanism and then introduces the method of using the Libpcap development package to capture network packets. Third, it gives the design of the data packet storage module, and the process and form of packet storage are also discussed. Fourth, it gives the design of the data packet intrusion detection module: it discusses how to use the Libnids development package to detect port scan attacks and to analyze sensitive text based on TCP/UDP data stream reconstruction. Finally, this thesis tests the system and verifies that the expected results were obtained. After the work is summarized, the next steps are outlined. |