| Now many organizations of government and enterprise all build up own local area network in succession. The network construction has become one of the key factors by which enterprises advance work efficiency and core competition ability. When the network scope extends continually, using through mistake mode or for mistake purpose, the network security affaires emerge in endlessly. The loss from the affairs is paid attention by people increasingly. According to the statistic result 80% of told secret and network inbreak come from the inner network. The security problem produced by internal network misuse has become a kind of difficult problem in the research field of network security management.The paper mainly designes and realizes a type system of misuse and detection. The implement condition of network misuse detection system is introduced and the difference between the system studied in this paper and traditional detection system is given. The principle of misuse detection is analysed, on the basis of which the correlation techniques are introduced. The construction of misuse detection system is illuminated.The paper mainly designed and realized an antetype system of misuse and detection. The implement condition of network misuse detection system is introduced and the difference between the system studied in this paper and traditional detection system is given. The principle of misuse detection is analysed, on the basis of which the correlation techniques such as the P2P, network program, Libnet, Libpcap, Jsp, Mysql etc are introduced.The traits of misuse detection technology based on the host and network are presented. The network misuse detection prototype system is realized by principle of IP cheating and the function of ICMP response. In the frame design of detection system, there are major functions, program flow and function design of three sub models bout the scan, monitor and the interface of user. The detection system can scan the hosts in this sub network make use of parameter configures given by the user. At the same time, this system can monitor the lawless connection. And this system can give some hints when the lawless... |
PDF Full Text Request