| Computer networks are becoming ever more complex and faster. Intrusion methods are likewise becoming more complex and covert, and in practice no single traditional security technology can meet the needs of network security. Combining several effective security technologies is the development direction of network security. The Intrusion Prevention System (IPS) has now become a focus of network security. It has two directions: one is the Intrusion Prevention System itself, the other is an Intrusion Detection System (IDS) working together with a firewall. In practice, which of the two is better is not the important point; the main point is how to combine IDS and IPS and apply them to network security. Protocol analysis, deep packet detection and traffic (current capacity) monitoring are the new technologies. If these three technologies are applied in a security component, the capability of the IPS can be improved. Protocol analysis can detect intrusive actions with high efficiency. Deep packet detection has the advantage of examining the payload deep inside the data packet, and traffic monitoring is very useful for monitoring the network to find anomalous behaviour. Together, these three technologies can improve the capability of the IPS. The paper studies the characteristics of IPS and IDS, applies the three new technologies to the IPS, and proposes a new IPS framework, the "Network Distributed Intrusion Prevention System based on protocol analysis" (NDIPS). It also gives the design and implementation of the NDIPS system, and finally tests some of the detection technologies with simulation software and on the network. The new IPS system's prevention of and real-time response to intrusions are improved, and applying it can improve the overall security of the network. |