基于snort的入侵检测系统的研究(2)

Abstract

Along with the fast development of the network technology and the universal application of the network environment, the security problem in network is increasingly outstanding. And as a new security means, intrusion detection techniques have displayed its important role. With the development of the computer application technology and communications technology, the Internet has become an important medium of information dissemination. Computer network is gradually changing the way people work and live. On the economic and cultural development of the world it also takes a profound impact. However, the rapid development of network technology and extensive application also gave a series of questions to people, which especially is the network information security. Intrusion detection system is in this context produced and developed. Through the analysis of the host log or network packet, intrusion detection system can prompt the discovery of intrusion and the alarm.

First, this thesis deeply researches the technology of intrusion detection, and explores the concept of intrusion detection system. The thesis discusses the concept of intrusion detection systems, including system architecture and the different categories and a brief description of the development process of intrusion detection system. Then, focuses on key technology research of Snort, which is used as lightweight intrusion detection system, introduces the overall detection system proposes that the system design goals and overall design of the structure. this thesis deeply researches the snort from its characteristic, system structure and working principle. Implements the Snort intrusion detection system in the building under the Windows, use the MySQL database and log analysis console ACID to graphical alarm information management. For the rule matching algorithm BM algorithm matching speed is slow, low efficiency of the weaknesses,so proposed an improved algorithm of Sunday to replace the BM algorithm, this algorithm combines the advantages of BM algorithm and Sunday, so that each can be skipped after a match is not successful as many characters for the next round of matches, and reduces the number of matches, and the algorithm was realized in the snort system.

KEYWORDS: Intrusion detection Snort Sunday algorithm BM algorithm

搜索“diyifanwen.net”或“第一范文网”即可找到本站免费阅读全部范文。收藏本站方便下次阅读，第一范文网，提供最新高等教育基于snort的入侵检测系统的研究(2)全文阅读和word下载服务。