| With speedy development of information and internet technology, more and more organisations begin to set up internet-based management platform to share information, which gives rise to serious information security issues. To deal with network security threats, a large variety of security products are negatively safeguarding the threats out of the network and they are powerless towards threats from the inter-network communication. The Invasion Detection System(IDS) management platform, on the other hand, is an internet safety system based on proactive strategies and could make up for the shortages of traditional safety products. However, the majority of IDS management systems are based on single system and platform with high cost. Therefore, it is necessary to design and develop a Web-version IDS management platform that could focus on management invasion detection in a centralised manner and that could be flexibly and easily deployed.In this thesis, Snort-based detection data management platform has been designed by implementation of PHP programming and SQL Server database programming technology.Firstly, it analysed the requirements of integrated design of the platform, and the functional requirements covered four modules, i.e., User Management, Packet Management, Invasion Detection Management and System Management. Furthermore, it examined the environment and framework of platform development. The framework of MVC is accomplished through PHP programming & Smarty, and the interactions between the platform and database are implemented via PDO Development Library of PHP. Subsequently it stated detailed design of each functional module. The User Management module is composed of sub-modules such as Account Number Management, Account Number Group Management, Authority Management and other ones. This paper presented part of critical codes and interface design and elaborated the process of Authority Management of users. The Invasion Detection Management module includes sub-modules such as Statement Analysis Management, Diagram Analysis Management and Rule Base Management. This thesis systematically designed the mechanism of customised generation of analysis statement and called in PHP’s mapping plug-in to realise the drafting of graphic reports. The Packet Management module constitutes of Packet Import Management, Detection Data Management and System Platform Management, etc., mainly used PHP’s Excel development plug-into to realise the procedure of detection data import and analysis. The System Management module contains sub-modules such as Function Module Management, Menu Management and Log Management, presented the logic flow chart of System Function Management and analysed the detailed implementation of realisation and critical codes.Finally, this thesis provided the sample analysis of designed system’s deployment and detection, and sketched out the process and procedures of each functional module, additionally summarised the functions accomplished by the system and provides its possibilities of further optimisation. |
PDF Full Text Request