INIDS分布式网络入侵检测系统

yjps
0 ℃
2020-08-28

整理文档很辛苦，赏杯茶钱您下走！

还剩 ... 页未读，继续阅读 >>

免费阅读已结束，点击下载阅读编辑剩下 ... 页

阅读已结束，您可以下载文档离线阅读编辑

资源描述

i分类号TP309密级公开UDC编号硕士研究生学位论文题目INIDS分布式网络入侵检测系统的设计与实现学院（所、中心）软件学院专业名称软件工程研究生姓名郭昆学号7200203088导师姓名李彤职称教授二OO四年四月ii摘要传统的网络安全技术种类繁多，然而却已无法满足网络安全的新需求。网络入侵检测技术应运而生，它已逐渐成为网络安全研究最活跃的领域，这预示着网络安全技术正在朝着智能化的方向发展。网络入侵检测是继“防火墙”、“数据加密”等传统安全保护技术后新一代的网络安全技术。网络入侵检测通过对计算机和网络资源上的恶意使用行为进行识别和响应，不仅检测来自外部的黑客入侵，同时也监督内部用户的未授权活动。本文简要分析了入侵检测系统的技术与发展方向。提出了一种基于企业内部网络的分布式入侵检测系统（INIDS），给出了系统总体结构、主要模块的设计与实现方法和关键数据结构。该INIDS系统能以友好的图形化方式显示入侵事件,并且能实现分布式的检测与控制。[关键词]入侵检测，分布式，数据包，规则，模式匹配，远程控制iiiAbstractAlthoughtherearealotoftraditionalnetworksecuritytechnologies,newsecuritydemandscannotbesatisfied.Thenetwork-basedintrusiondetectiontechnologyhasbecomeoneofthemostactiveissuesinnetworksecurityfriendly,indicateageneratetendencyofnetworksecuritytechnologyistheevolutionofintelligence.Theintrusiondetectionisanewnetworksecuritytechnology,followtraditionsecurityprotecttechnology,suchasfirewallanddataencrypt.IntrusionDetectionSystemwatchthecomputerandnetworktraffictofindintrusiveandsuspiciousactivities.Itnotonlydetecttheintrusionfromtheexternalhacker,butalsomonitortheunauthorizedactionoftheintranetusers.Inthispaper,itanalyzethetechnologyanddevelopmentofintrusiondetectionsystemsimply.ItraiseaIntranet-basedNetworkDistributedIntrusionDetectionSystem(INIDS),presentthestructureofthesystem,thedesignandimplementofthekeymodulesandthekeydatastructures.TheINIDScandisplayalltheinformationofnetworkintrusioninafriendlychartmode，andcanimplementdistributeddetectionandcontrol.[Keyword]IntrusionDetection,Distributed,DataPackage,Rule,Patternmatching，Long-rangecontroliv目录第一章引言..............................................................................................................................................11.1研究背景....................................................................................................................................11.2选题依据及应用价值................................................................................................................11.2.1选题依据........................................................................................................................11.2.2INDIS分布式网络入侵检测系统的应用价值.............................................................21.3研究的主要内容........................................................................................................................31.4相关技术领域国内外发展现状和趋势....................................................................................31.5特色与技术创新点....................................................................................................................51.6论文的组织................................................................................................................................5第二章入侵检测系统原理和技术..........................................................................................................62.1入侵检测系统概述.....................................................................................................................62.2入侵检测系统的分类................................................................................................................82.2.1基于主机的入侵检测系统.............................................................................................82.2.2基于网络的入侵检测系统.............................................................................................92.3入侵检测系统原理概要........................................................................................................102.3.1异常入侵检测原理.......................................................................................................102.3.2误用入侵检测原理.......................................................................................................112.4入侵检测技术概要................................................................................................................122.4.1异常入侵检测技术.......................................................................................................122.4.2误用入侵检测技术......................................................................................................132.4.3其他检测技术...............................................................................................................142.5INIDS分布式网络入侵检测系统检测原理与技术...............................................................142.5.1分布式入侵检测框架模型...........................................................................................142.5.2INIDS中的入侵检测技术..........................................................................................15第三章INDIS系统体系结构................................................................................................................183.1需求分析..................................................................................................................................183.1.1检测需求......................................................................................................................183.1.2操作需求......................................................................................................................193.1.3平台范围需求...............................................................