| It is nowadays information age, and Internet is bringing thegreat change to the whole world.As Internet being in the globaldevelopment at full speed, the popularization day by day of thenetwork technology, the network security question seems moreand more outstanding too.The security of computer network is a internationalizedissue, the whole world lose up to tens of billion dollars everyyear caused by that the security system of the computernetwork is destroyed. Traditional fire wall technology is nodoubt important, however, it is important too to develop thenetwork intrusion detection and early warning technology.It isthe rational supplement of the fire wall , and helpful to deal withnetwork attacks for system.It is considered to be the secondsafe gate after the fire wall that the network intrusion detection ,It monitors network in case of not influencing performance ofthe network,thus offer protect to the attacks from inside, theattacks from outside and operations by mistake in real time.Intrusion detection technique can be mainly divided intomisapply intrusion detection technique and unusually intrusiondetection technique from the way to detection. According to thesource of the detection data, the intrusion detection system canroughly be divided into two big classes : network-basedintrusion detection(NIDS) and the host-based intrusiondetection(HIDS). Among them, network-based intrusiondetection system is used extensively because its definition isaccurate, easily to implement, and it is relatively high to therate of detection accuracy.The ripest kind of intrusion detection method is themode-based match method at present. The appearance of thiskind of detection method make a qualitative leap in theintrusion detection system. It is adopted by overwhelmingintrusions detection products in the market at present. But with the constant growth of network scale andcomplexity, the traditional detection method based onsingle-mode match algorithms, such as BM,etc. have alreadybecome the bottleneck of the network intrusiond detectionsystem. Under the fast-developing network and enormous flowof network, the method based on the single-mode match can'talready meet the paces of network development. The introduction part of this text has introduced theworking background and has explained the research work ofthis text; Chapter 2 carried on the introduction in the relevantknowledge of intrusion detection; Chapter 3 has carried ondeep analysis in some mode match algorithm commonly usedand protocol analyse at first, then improve the traditionalsingle-mode match algorithms,and put forward we can realizemultiple-modes match of the attacking detection with the fastinquiry function of the HASH algorithm in order to raise thespeed of the network intrusion detection. Chapter 4 design andrealize the intrusion detection prototype system on the basis ofHASH algorithm and then test and analyse for it. Chapter 5some summaries of this text, look forward to the work in thefuture at the same time . Having the future in mind, intrusion detection techniquecan roughly be developed in several following directions:1. Distributed intrusion and detection : the first aspect ofthe meaning, namely the detection method to the distributednetwork attacks. The second aspect of the meaning, namelydetecting the distributed attack with the distributed method.The key technologies among them are the coordinationprocessing of the detection information and abstracting overallinformation of intrusion attacks . 2. Intrusion detection intelligently: namely detectingintrusion with the means and way of intellectuality. So-calledintelligent method, there are methods such as neural network,hereditary algorithm, fuzzy technology, immune principle, etc.commonly used at the present stage, These methods are usedin the knowledge find and study by itself function for intrusiondetection system. It is one of the commonly used methods tooto make use of thought of the expert system to structureintrusion detection system. Especially the expert systemshaving teaching itself ability have realized the continualrenovation of the knowledge base and expand , and make theprecaution ability of the intrusion detection system designedstrengthened constantly, so they have more extensiveapplication prospects.It is also reported that there are some tryin intrusion detection using concept of artificial intelligence.Comparatively unanimous solution should be that high-efficientintrusion detection system under the routine meaning withdetection software or module having intelligence detectionfunction combines together and uses. 3. The overall security defending scheme:namely deal withthe network security problem with the thought and method of... |
PDF Full Text Request