| With the rapid development of Internet, hackers'attacks are becoming more and more severe, thus Internet security defense is doomed to be a serious concern.It is estimated that a single hacker incident takes place every several seconds, Globally, the total economic loss caused by such attacks is significant in a year. Internet security has been a focus of modern social concern. For the time being, among the internet security technologies are intrusion detection system,fire walls,security routers. Intrusion detection system (IDS) is the key component of the architecture of information security. Snort is a intrusion detection system in the field of open source software.The snort is a typical Network Intrusion Detection System. Some of design principle and characteristics forms the base of most popular mercantile Intrusion Detection System.There are great academic and commercial value to the research of snort. Snort is the research object of this paper, which will explore its basic structure. Snort effectiveness plays an important role in improving the detection rate, reducing the false positive of intrusion detection and improving real time intrusion detection. According to snort rules' feature construct the attack packets. Meanwhile focus will be put on the effectiveness of IDS.Firstly, this paper studied the current research status of the IDS evaluation at home and abroad. Then, it summarized the advantage of data source of attack packets based on snort rules, it described the idea and implementation of attack packets based on the snort rules and gave a detailed design. Finally, it designed and realized the attack packets by scapy according to the snort rules, it completed the the test of generation data and effectiveness of IDS. |
PDF Full Text Request