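Design and Implementation of an Adaptive Network Intrusion Prevention System
Published: 2018-03-26 13:13
Topic: firewall. Entry point: intrusion detection. Source: University of Electronic Science and Technology of China (電子科技大學), master's thesis, 2014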
[Abstract]: With the widespread adoption of computers, and especially since the emergence of the Internet, people's work and daily lives have been greatly affected. Exchanging information over the Internet has become the mainstream trend in today's society, and a country's level of informatization has become an important measure of its comprehensive strength. At the same time, the development of computer networks and the improvement of communication technology have drawn ever more attention to the key problem of network security. A firewall can withstand intrusions from outside the network, but it is powerless against destructive behavior inside the network. An intrusion detection system can detect both intrusions from outside the network and attacks from inside it. However, an intrusion detection system is connected to the network in parallel and has only a detection function: by the time an intrusion or attack is detected, the damage has often already been done, and the destructive behavior cannot be stopped in time. It is therefore very meaningful to design and implement a network security system that combines detection and defense. For these reasons, this work designs and implements an adaptive network intrusion prevention system that combines the functions of a firewall and an intrusion detection system. As is well known, an intrusion prevention system is connected to the network in series, so if its data-processing capacity is weak it greatly degrades network performance. We therefore propose an adaptive capability: the system learns autonomously in order to speed up data processing. This shows in two respects. First, it automatically learns the rule category information it needs, and when a packet arrives it automatically selects the rule category corresponding to that data, which greatly increases the system's data-processing capacity. Second, it adopts a delayed-cancellation mechanism: if a sender's behavior is judged to be an intrusion or an attack, all of that sender's activity is first isolated and given an expiration time, and when that time is reached the isolation is lifted. This method maintains network stability well when the network is relatively congested. Finally, after implementing the system, we carried out functional verification. The results show that, compared with an ordinary intrusion prevention system, the system designed here is clearly improved in both functionality and data-processing capacity.
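[Degree-granting institution]: University of Electronic Science and Technology of China (電子科技大學)
[Degree level]: Master's
[Year degree granted]: 2014
[Classification number]: TP393.08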
Article ID: 1667996
Article link: http://sikaile.net/guanlilunwen/ydhl/1667996.html