摘要
设立防火墙和杀毒软件是保护计算机安全的主要手段,但随着操作系统的安全隐患被越来越多的发现,攻击者往往能绕开防火墙和杀毒软件来对目标进行攻击。从其他方面提高计算机安全性越来越迫切。基于该思想,设计了一个IDS(基于特征的入侵检测系统),目的是通过这个IDS监视并分析网络流量来发现攻击企图或者攻击行为,采取报警、回复假的不可达信息或断开连接等手段,来保护计算机安全。
本次设计完成了一个IDS的设计和实现,详细论述了该IDS的结构和功能,阐述了相关概念和设计原理,并给出了部分关键代码。最后总结了本次设计的IDS的优点和缺陷,从性能方面对本次设计进行了评价。
关键词:IDS;NIDS;入侵检测系统;snort;网络安全
The Design and Implement of the Intrusion Detection Systems Based on the Characteristic
Abstract
We can use the firewalls and antivirus to protect the computer’s security. But with the potential security hazards are more and more regard, the attacker can keep away from the firewalls and antivirus to attack the computer. To reinforce the computer’s security become more and more exigent. Base on this idea, I designed an IDS (Intrusion Detection Systems) to guard and analyze the network flux and find the attacking intentions or attacking behaviors. To apply an alarm or retrain the false untouched information or disconnection could keep the security of computer.
This design implements an IDS, including its structure, functions, and principles as well. It also showed some important code. At last, it evaluated this IDS.
Key words: IDS; NIDS; Intrusion Detection Systems; snort; Network security