| In recent years, with the expansion of cyberspace, network intrusion has become complicated, more and more machines and networks are faced with security threats, The narrow virus monitoring system can not meet the severe situation of network security.Based on traditional firewall technology and intrusion detection technology,thesis designs an online network virus monitoring and control system.Through the system administrator can monitor and defense LAN network virus invasion online. This system has passed the test and delivered to test operation.Thesis focuses on monitor, defense and statistical analysis of network virus online. The main content of this thesis is divided into the following areas:Firstly, Libnids resolves data packets captured from data link layer, sequences, decodes, reverts and storages data encapsulated in transport layer. Data Mining Technology collects and storages network virus pattern in the database.Secondly, the system matches restored application-layer data with network virus signatures, extracts and storages Quintuple information of application-layer data containing network virus signatures. Matching data can analysis type and hazard class of network virus.Then, system defenses network virus with firewall Iptables by the network virus signature matching reslut, and sets the control differernt strategies for network virus.Ultimately, use Thinkphp and Echarts, Bootstrap technology to achieve system function interface that allows users to interact with the system. Through this interface administrator can view the details of the network viruses,set policy for the network virus control, static or dynamic analysis of the virus, and so on. |
PDF Full Text Request