1、 本科毕业设计(论文)本科毕业设计(论文) Linux 网络入侵检测系统设计与实现网络入侵检测系统设计与实现 非法数据包的检测与分析非法数据包的检测与分析 学学 院院 经济管理学院 专专 业业 电子商务 学学 生生 姓姓 名名 指导教师姓名指导教师姓名 摘摘 要要 伴随着网络的迅速扩张,电子商务也如火如荼地发展。然而,网络安全事件 却时有发生,给电子商务经济的带来了很大的损失,电子商务要想持续高速地发 展下去,必须首先解决网络安全问题。而入侵检测技术作为网络安全技术的一个 重要方面,它的发展必将推动电子商务的前进。 网络入侵检测系统是入侵检测系统的一个重要的分类,它能够提供实时的网 络检测与响
2、应。本论文介绍了入侵检测系统及其检测原理,并在此基础上,采用 模块化设计思想,设计并实现了一个网络入侵检测系统。本论文详细介绍了入侵 检测系统的几大功能模块的实现过程。在入侵事件检测模块中,本软件采用了一 种基于协议分析的规则匹配的方法,对简单的模式匹配法做了改进,极大的提高 了系统的效率。 关键词:网络安全 入侵检测系统 BPF 过滤器 网络协议 规则匹配 Abstract With the rapid expansion of the internet, the electronic commerce is also developing like a raging fire. But t
3、he network security event occurs now and then, which brought the very big loss for the electronic commerce economy. Electronic business has had to solve the network security problem first to insure its continuing rapidly developing. Intrusion detection technology takes an important aspect of the net
4、work security technology. Its development will certainly impel the electronic commerce advance. NIDS (Network Intrusion Detection System) is one important classification of Intrusion Detection System. NIDS can provide a real-time network detection and response. This paper gives an introduction of th
5、e Intrusion Detection System and its detecting principle, and upon this foundation, we use the modular design thought, design and realize a Network Intrusion Detection System. This paper gives details of the realization process of Network Intrusion Detection Systems several function modules. In the
6、intrusion event detection module, we adopt an approach of rule-matching based on protocol analysis, which has made an improvement to the simple pattern-matching approach, and enormously enhanced the efficiency of system. Key words:network security IDS (Intrusion Detection System) BPF filter network protocol rule-matching 目 录 第一章第一章 绪论绪论 . 1 1.1 论文的背景及意义 1 1.1.1 问题的提出 . 1 1.1.2 设计的意义 . 2 1.2 国内外发展现状
