Abstract
An intrusion detection system is a security system based on an active policy and supplements traditional security policies. A qualified intrusion detection system can greatly improve the management efficiency of operation and maintenance and ensure that the network runs securely. This paper summarizes the current state of intrusion detection systems and discusses their concept, architectural classification and related detection technologies. It focuses on the modules of the Snort system, its overall detection process, its detection rules and related aspects, which provides the necessary background knowledge for the design and development of the project. The paper clearly states the design goals and framework model of the system. The system adopts a detection technique that combines protocol analysis with pattern matching, uses a statistical analysis module to classify and count the recorded intrusion attack information, and finally uses a web management platform for unified management.