Research and Design of a Network Intrusion Detection System Based on Protocol Analysis
Published: 2018-05-05 11:32
Topics: network security + intrusion detection; Source: Anhui University of Science and Technology, 2014 master's thesis
[Abstract]: As computer network technology continues to develop, threats on the network are growing in number and becoming increasingly complex. How to keep network communication secure while enjoying the convenience and speed that networks bring is receiving more and more attention. To improve the security of networked systems, network intrusion detection systems have been increasingly accepted and adopted. After the development of recent years, the network intrusion detection system has become a quite important part of the network security architecture. However, the high false-positive rate and high false-negative rate of intrusion detection systems have become the key problems restricting their development.
This paper combines pattern matching, protocol analysis, expression analysis and other techniques and, based on network protocol analysis, proposes an improved system design that combines internal rules with external rules. For the external rules, a new feature description language is designed; it resembles a traditional programming language, is easy to understand, and is powerful. The introduction of internal rules enriches the logic of protocol-analysis detection and makes it possible to detect complex, stateful attacks. Compared with existing systems, the newly designed network intrusion detection system targets the detection area more precisely and has improved detection capability.
The main work of this paper is as follows:
Expression parsing is integrated into the detection of external rules, which strengthens both the logical expressiveness and the detection capability of the external rules. Traditional pattern-matching detection remains supported and is optimized with fast pattern matching and multi-pattern matching algorithms.
Alongside the external rules, a number of commonly used internal rules are defined in the system to detect relatively complex or stateful intrusion methods. In addition, by introducing anomaly detection techniques such as stateful protocol analysis, the improved network intrusion detection system gains some ability to detect unknown threats.
Multi-level buffers are used. The designed network intrusion detection system adopts a multi-level buffer structure, which gives the system relatively stable performance in relatively high-speed network environments.
[Degree-granting institution]: Anhui University of Science and Technology
[Degree level]: Master's
[Year degree granted]: 2014
[Classification number]: TP393.08
Article ID: 1847528
Article link: http://sikaile.net/guanlilunwen/ydhl/1847528.html