校园网入侵检测系统设计与实现
发布时间:2018-10-20 16:51
【摘要】:校园网是学校的重要基础设施,可以方便学生学习、讨论问题和查阅资料等,同时也是学校教学、管理、对外交流的平台。但是接入Internet所带来的安全问题给我们校园网管理者带来了极大的挑战,随处可得的黑客工具和不断曝光的系统漏洞使我们的校园网络无时无刻不处于危险之中。校园网的安全对维护学校正常的教学秩序,资源管理等起着极为重要的作用。因此,如何保证校园网的安全问题,也就成了一个极为重要的问题。 本文在综合论述国内外入侵检测技术研究的现状,并分析现有的入侵检测系统的不足,以及入侵检测系统在校园网中的作用。首先以典型的网络入侵检测系统snort为研究对象,对分布式入侵检测系统展开研究,设计以snort为核心的分布式入侵检测系统模型,并通过协议分析和模式匹配的检测方法提高入侵检测准确度、效率。 该系统主要包括数据捕获模块、数据服务器模块、安全通讯模块和响应模块。其中重点分析了数据捕获模块的实际问题,从数据包捕获、协议分析、模式匹配、规则链表的生成等方面进行了阐述。其中使用了Snort规则集,数据库选用的是My SQL数据库,并实现了ACID分析图形化输出。方便用户配置和掌握系统的安全情况。 最后,本文使用基于Linux环境下的Snort软件搭建分布式入侵检测系统测试平台,给出了IDS主机、服务器和管理控制台的详细配置清单,并进行试验测试分析,说明系统是可行有效地。
[Abstract]:Campus network is an important infrastructure of the school. It can facilitate students to study, discuss problems and consult information. It is also a platform for teaching, management and communication. However, the security problems caused by accessing Internet bring great challenges to our campus network managers. The hacker tools available everywhere and the system vulnerabilities exposed constantly make our campus network in danger all the time. The safety of campus network plays an important role in maintaining normal teaching order and resource management. Therefore, how to ensure the security of campus network has become an extremely important issue. In this paper, the current situation of intrusion detection technology research at home and abroad is discussed, and the deficiency of existing intrusion detection system is analyzed, and the function of intrusion detection system in campus network is also analyzed. Firstly, a typical network intrusion detection system (snort) is taken as the research object, and the distributed intrusion detection system (DIDS) model with snort as the core is designed. The accuracy and efficiency of intrusion detection are improved by protocol analysis and pattern matching. The system mainly includes data capture module, data server module, security communication module and response module. The practical problems of data capture module are analyzed, including packet capture, protocol analysis, pattern matching, rule list generation and so on. Among them, the Snort rule set is used, the database is My SQL database, and the graphical output of ACID analysis is realized. It is convenient for users to configure and master the security situation of the system. Finally, this paper uses the Snort software based on Linux to build the distributed intrusion detection system test platform, gives the detailed configuration list of the IDS host, server and management console, and carries out the test and analysis. It shows that the system is feasible and effective.
【学位授予单位】:电子科技大学
【学位级别】:硕士
【学位授予年份】:2010
【分类号】:TP393.18
本文编号:2283775
[Abstract]:Campus network is an important infrastructure of the school. It can facilitate students to study, discuss problems and consult information. It is also a platform for teaching, management and communication. However, the security problems caused by accessing Internet bring great challenges to our campus network managers. The hacker tools available everywhere and the system vulnerabilities exposed constantly make our campus network in danger all the time. The safety of campus network plays an important role in maintaining normal teaching order and resource management. Therefore, how to ensure the security of campus network has become an extremely important issue. In this paper, the current situation of intrusion detection technology research at home and abroad is discussed, and the deficiency of existing intrusion detection system is analyzed, and the function of intrusion detection system in campus network is also analyzed. Firstly, a typical network intrusion detection system (snort) is taken as the research object, and the distributed intrusion detection system (DIDS) model with snort as the core is designed. The accuracy and efficiency of intrusion detection are improved by protocol analysis and pattern matching. The system mainly includes data capture module, data server module, security communication module and response module. The practical problems of data capture module are analyzed, including packet capture, protocol analysis, pattern matching, rule list generation and so on. Among them, the Snort rule set is used, the database is My SQL database, and the graphical output of ACID analysis is realized. It is convenient for users to configure and master the security situation of the system. Finally, this paper uses the Snort software based on Linux to build the distributed intrusion detection system test platform, gives the detailed configuration list of the IDS host, server and management console, and carries out the test and analysis. It shows that the system is feasible and effective.
【学位授予单位】:电子科技大学
【学位级别】:硕士
【学位授予年份】:2010
【分类号】:TP393.18
【参考文献】
相关期刊论文 前10条
1 陈海涛,裴晋泽,胡华平,龚正虎;基于对等网络的自适应安全协作框架研究[J];北京航空航天大学学报;2004年11期
2 张秀玲;神经网络自适应控制的研究进展及展望[J];工业仪表与自动化装置;2002年01期
3 郭晓淳,吴杰宏,刘放;入侵检测综述[J];沈阳航空工业学院学报;2001年04期
4 李晓莺,曾启铭;利用协议分析提高入侵检测效率[J];计算机工程与应用;2003年06期
5 ;NAI的CyberCop Scanner在InfoWorld评测中胜出CyberCop Scanner荣获安全漏洞检测最佳整体解决方案殊荣[J];计算机与通信;1999年04期
6 ;思科:积极推动下一代广电网络发展[J];通讯世界;2010年04期
7 张海芹;须文波;;基于移动Agent的新型分布式入侵检测系统[J];微计算机信息;2006年24期
8 连一峰;入侵检测综述(三)[J];网络安全技术与应用;2003年03期
9 徐健;张顺颐;;基于网络的入侵检测系统的设计与实现[J];计算机系统应用;2006年10期
10 ;启明星辰:可视化将IDS带入新时代[J];信息网络安全;2010年04期
相关硕士学位论文 前1条
1 钟平;校园网安全防范技术研究[D];广东工业大学;2007年
,本文编号:2283775
本文链接:https://www.wllwen.com/guanlilunwen/ydhl/2283775.html
