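Abstract
Deploying firewalls and antivirus software is the main means of protecting computer security, but as more and more security flaws in operating systems are discovered, attackers can often bypass firewalls and antivirus software to attack their targets. Improving computer security by other means is becoming increasingly urgent. Based on this idea, an IDS (a signature-based intrusion detection system) was designed. Its purpose is to monitor and analyze network traffic to detect attack attempts or attack behavior, and to protect the computer by raising alerts, replying with forged unreachable messages, or dropping the connection.
This work completes the design and implementation of an IDS. It describes the structure and functions of the IDS in detail, explains the relevant concepts and design principles, and presents some of the key code. Finally, it summarizes the strengths and weaknesses of the IDS and evaluates the design in terms of performance.
Keywords: IDS; NIDS; intrusion detection system; snort; network security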
The Design and Implementation of an Intrusion Detection System Based on Signatures
Abstract
We can use firewalls and antivirus software to protect a computer's security. But as more and more potential security hazards are discovered, attackers can bypass firewalls and antivirus software to attack the computer. Reinforcing the computer's security is becoming more and more urgent. Based on this idea, I designed an IDS (Intrusion Detection System) to monitor and analyze network traffic and find attack intentions or attack behaviors. Raising an alarm, replying with false unreachable messages, or disconnecting can then keep the computer secure.
This design implements an IDS and describes its structure, functions, and principles. It also shows some important code. Finally, it evaluates the IDS.
Key words: IDS; NIDS; Intrusion Detection Systems; snort; Network security