分布式入侵检测系统设计毕业论文.doc

分布式入侵检测系统设计 [摘要] 随着黑客入侵事件的日益猖獗，只从防御的角度构造安全系统是不够的。入侵检测技术是继“防火墙”、“数据加密”等传统安全保护措施后新一代的安全保障技术。它对计算机和网络资源上的恶意使用行为进行识别和响应，它不仅检测来自外部的入侵行为，同时也监督内部用户的未授权活动。 本文所设计的入侵检测系统，具有良好的分布性能和扩展性。他将多种入侵检测技术有机地结合在一起，能够提供集成化的检测、报告和功能 [关键词] 入侵检测 模式匹配 协议分析 [Abstract] With more and more site intruded by hackers, security expert found than only use crypt technology to build a security system is not enough. The Intrusion Detection is a new security technology, apart from tradition security protect technology, such as firewall and data crypt. IDS watch the computer and network traffic for intrusive and suspicious activities. they not only detect the intrusion from the Extranet hacker, but also the intranet users. We design a component-based Intrusion Detection System, which has good distribute and scalable ability. It combine various intrusion detection technology into a system, and provide detection, report and respond together. In the implement of the network engine, the combination of network protocol analyze and pattern match technology is used, and reduce scope to search. We also improved pattern match algorithm, the network engine can search intrusion signal more quickly. [Keyword] IDS pattern match protocol analyze 目 录 摘要 ………………………………………………………………………………….…………1 Abstract ………………………………………………………………………………….………2 第一章 引言 .......……………………………………………………..…………………….. 4 1.1项目背景 ...……………………………………………………..……………………….4 1.2系统介绍 ....……………………………………………………..………………………4 1.3 工作内容 ..……………………………………………………..……………………….5 1.4组织结构.....……………………………………………………..……………………….5 第二章 系统功能概述 .………………………………………………..……………………...6 2.1系统工作流程 ……………………………..……………………………………………7 2.2 系统功能特点 ...……………………………………………..…………………………8 2.3 本章小结 ………………………………………………………………………………12 第三章 系统体系结构 ....…………………………………………………………………….13 3.1 系统架构设计 …………………………………………………………………………13 3.2 系统开发环境 …………………………………………………………………………14 3.3 系统功能结构设计 ……………………………………………………………………14 3.4 公用构件设计 …………………………………………………………………………15 3.5 系统辅助功能模块…………………………………………………………………