| Firstly, the current campus network security, especially network security situation made a brief introduction to the present research the background and significance.Then this paper reviews the history of the development of intrusion detection technology, the current intrusion detection technology and the necessity of the key sub protection analysis.Intrusion detection by analyzing the major product, predicted the campus network intrusion detection technology in the protection of the development trend of the subnet, and then made this research work.On this basis, the key to building the subnet based on Snort network intrusion detection model, Snort is a powerful lightweight network intrusion detection system, set up convenient.It has real-time traffic analysis and log IP network packets ability to perform protocol analysis, content searching or matching.It can detect a variety of attacks, and attacks in real-time alerts.In addition, Snort has a good scalability and portability.This paper describes the intrusion detection system (Intrusion Detection System, IDS) concepts from architecture, the overall process in terms of open source Snort network intrusion detection tool for in-depth analysis, build SIDS.Under the Windows platform, including intrusion detection system Snort Winpcap (Ethereal Library), Snort (Intrusion Detection), SQL Server (based on SQL database server), Apache, ACID (Web-based Analysis Console for Intrusion Databases).Snort rule matching the packet and to detect intrusions and exploration activities, Apache to provide network services for the ACID, ACID view of SQL Server database data to generate the report charts network intrusion events.Finally, an improved system of the strengths and weaknesses, recommendations for improvement and further optimization. |
PDF Full Text Request