关键词: 入侵检测系统;数据包捕获;数据包分析
The Research and Design of Intrusion Detection System Based on Windows
——Design of Detective Module
Abstract
Nowadays, it is information age, and Internet brings the great change to the whole world. With Internet development at full speed, in the global, the popularization day by day of the network technology, the network security question becomes more and more outstanding too.
The security of computer network is a internationalize problem, the whole world lose up to tens of billion dollars every year caused by that the security system of the computer network is destroyed. Traditional fire wall technology is no doubt important, however, it is also important to develop the network intrusion detection and early warning technology. It is the rational supplement of the fire wall , and is helpful to deal with network attacks for system, thus offer protect to the attacks from inside, the attacks from outside and operations by mistake in real time.
At first, the paper introduces the principle of intrusion detection system (IDS), and then gives the implementation of a network intrusion detective module based on packet of Winpcap of Windows. The module has the function of capture and analysis on data Packets in Share Network Segment and so on. It is an important part of the whole network intrusion detection system, which is the base of response module and is designed in order to supply the necessary data to the responsible module.
Key words: Intrusion detection system; Data packet capture; Data packet analysis