包括论文,设计,论文字数:13229,页数:28
摘 要
当今是信息时代,互联网正在给全球带来翻天覆地的变化。随着Internet在全球的飞速发展,网络技术的日益普及,网络安全问题也显得越来越突出。
计算机网络安全是一个国际化的问题,每年全球因计算机网络的安全系统被破坏而造成的经济损失高达数百亿美元。传统的防火墙技术固然重要,但是,发展网络入侵检测及预警技术也同样重要,它是防火墙的合理补充,帮助系统对付网络攻击,从而提供对内部攻击、外部攻击和误操作的实时保护。
本文首先介绍入侵检测系统的原理,并在此基础上利用Winpcap开发包,在Windows操作系统下实现了基于数据包分析的网络入侵检测系统的检测模块。该模块完成了对共享网段中的数据包的捕获和分析等功能。它是整个网络入侵检测系统的重要组成部分,是响应模块设计的基础,为响应模块提供需要的数据。
关键词: 入侵检测系统;数据包捕获;数据包分析
The Research and Design of Intrusion Detection System Based on Windows
��——Design of Detective Module
Abstract
Nowadays, it is information age, and Internet brings the great change to the whole world. With Internet development at full speed, in the global, the popularization day by day of the network technology, the network security question becomes more and more outstanding too.
The security of computer network is a internationalize problem, the whole world lose up to tens of billion dollars every year caused by that the security system of the computer network is destroyed. Traditional fire wall technology is no doubt important, however, it is also important to develop the network intrusion detection and early warning technology. It is the rational supplement of the fire wall , and is helpful to deal with network attacks for system, thus offer protect to the attacks from inside, the attacks from outside and operations by mistake in real time.
At first, the paper introduces the principle of intrusion detection system (IDS), and then gives the implementation of a network intrusion detective module based on packet of Winpcap of Windows. The module has the function of capture and analysis on data Packets in Share Network Segment and so on. It is an important part of the whole network intrusion detection system, which is the base of response module and is designed in order to supply the necessary data to the responsible module.
Key words: Intrusion detection system; Data packet capture; Data packet analysis
目 录
1.引 言 1
1.1课题背景及意义 1
1.1.1 网络安全面临的威胁 1
1.1.2 网络安全隐患的来源 2
1.1.3 网络安全技术 2
1.2 本文研究内容 3
2. 入侵检测基础 4
2.1 入侵检测的定义 4
2.2 入侵检测与P2DR模型 5
2.3 入侵检测的原理 5
2.4 入侵检测的分类 7
2.5 入侵检测的发展趋势 8
3. 基于Windows入侵检测系统的设计 9
3.1概述 9
3.2系统总体结构 9
3.3开发环境 10
4. 检测模块的设计与实现 10
4.1设计思想 10
4.2 Winpcap软件开发包简介 11
4.3 BPF过滤机制简介 11
4.4网络数据包捕获模块的实现 12
4.4.1 网络数据包捕获机制 12
4.4.2 数据包捕获的具体实现 12
4.5 网络数据包分析模块的实现 16
4.6 系统集成 18
5. 系统测试与分析 19
5.1 测试目的 19
5.2 测试结果 19
结 论 21
参考文献 21
致 谢 22
声 明 24
基于Windows入侵检测系统的研究与设计---检测模块设计......
