基于协议分析的网络入侵检测系统的研究和设计

graveoflove
1 ℃
2020-06-29

整理文档很辛苦，赏杯茶钱您下走！

还剩 ... 页未读，继续阅读 >>

免费阅读已结束，点击下载阅读编辑剩下 ... 页

阅读已结束，您可以下载文档离线阅读编辑

资源描述

IAbstractIIAbstractWiththepopularizationandfastdevelopmentofnetwork,computersystemhasbeendevelopedfromindependenthosttocomplexandinterconnectsnetworks.Itbringsgreatconveniencetopeopleforsharingofinformation.Problemsonsecurityofinternetarebecomingveryserious.Thustheresearchofcomputernetworksecurityisalsobecomingveryimportant.Asanewactivesecurity-defensivemechanismIntrusionDetectionSystemcanprovidethehostandnetworkdynamicprotection.Itnotonlydetectstheintrusionfromtheextranethackerbutalsomonitorsintranetusers.NownextgenerationIDSaremostlyusingastrategyofcombiningprotocolanalysiswhichmakesuseofthespecificationsofprotocolandoutstandingpatternmatchingalgorithm,tosolvethecontradictionbetweentheaccuracyandthetimeliness.Firstly,baseontheresearchofIDSdevelopingstatusanddirectionathomeandabroad,theauthorputforwardtheideathatpatternmatchingcombineswiththetechnologyofprotocolanalysis,comparingwithtraditionalpatternmatching,itcanreducethecountworkloadthefalsepositiveandfalsenegativeefficiency.Secondly,afterdeeplyhavingastudyontraditionalpatternmatchingmethodsofIDS,theauthorbroughtforwardanimprovedpatternmatchingalgorithm,thealgorithmimprovedmatchingefficiency.Byintroducinganewgenerationofprotocolanalysismethodappliedtonetworkintrusiondetectionsystem,setforththemodelofnetworkintrusiondetectionsystembasedonpatternmatchingandprotocolanalysis.PacketcapturewasrealizedefficientlybyusingWinpcapinthesystem,theproblemofprotocoldecoding,packetrestructuringandreorganizationofdataflowsubparagraphwereresolvedviaper-processmodule.Inmatchingdetectionbasedonprotocolanalysismodule,discussedtheARP,RARP,IP,TCP,ICMP,UDPprotocoloftheanalyticalprocessindetail.RegularanalysismodulefromtherulesdescribedinSnortintrusionmethods,detailedanalysisbasedonSnortrule,usingasimple,flexible,efficientruledescriptionlanguagetodescribetherule.ResponseModuleelaboratestheinitiativeresponseandpassiveresponse.Keywords:NetworkSecurity;IntrusionDetection;PatternMatching;ProtocolAnalysisIII.................................................................................................1..............................................................1.............................................................................3......................................................................................5.....................................................................................................5.........................................................................................6..........................................................................................6..........................................................................................6.......................................................................................................10....................................................................10................................................................................11...............................................................................................12................................................................................12................................................................................15................................................................................15...........................................................................................16....................................................................................16........................................................................17.......................................................................................................19...........................................................................................21...................................................................................................22................................................................22................................................................22......................................................23................................................................23.....................................................................................24.....................................................................25.......................................................................................26...........................................................................................................29IV.......................................................................................................30...................................................................................................32.............................................................................................32............................................................................................33................................................................................34........................................................................................36...