| Network security issues has become more and more important, diversity and complexity of network attack and attack types makes the protection of computer network security difficult, let alone ensuring the effective safety of internal network. In order to improve the ability to protect the internet, study on the intrusion detection system and the firewall association system emerged. At the same time, the Linux system has often been chosen as the research environment because of its open resources.Based on the detailed research on intrusion detection system and the firewall system function and work principle, this thesis finally implement the intrusion detection system and firewall association system. In this thesis, the author first introduced the function and working principle of IDS, including each function module, the workflow of IDS,rules of matching.then the author put forward and implement a improved intrusion detection matching algorithm. After this, this thesis introduce the theoretical knowledge of firewall, including the architecture, composition and function of each part, process of how package getting through firewall system.Then the thesis is given to the analysis of requirement of the presented intrusion detection and firewall association system, including the functional analysis and design of each module. The three modules in the association system are intrusion detection module, middle association module and firewall module. In the module of middle association module, there are also three parts, which are configuration file, the IDS log analyzer and firewall rules modifications. Middle association module finds out the attack source and type through the analysis of the snort log, revising the firewall rules so as to realize the attack effectively intercept.Experimental results show that IDS can only detect single to attack, firewall only static interception, association system can be effective to attack the network dynamic interception. |
PDF Full Text Request