| Windows下应用开发包构建入侵检测系统的研究 |
| |
| 作者单位: | 长春工业大学网络安全实验室,沂水县第二中学信息技术教研室 |
| |
| 摘 要: | 本文设计并实现了Windows下基于捕获包开发包Winpcap和入侵检测开发包Libnids的网络入侵检测系统。重点阐述了系统的体系结构,利用Winpcap捕获网络数据包技术,利用Libnids实现IP碎片重组和TCP数据流重组等关键技术,并且与开源的入侵检测系统snort的相关实现作了比较,突出了本系统的优越性与实用性。
|
| 关 键 词: | 入侵检测开发包 捕获包开发包 入侵检测 通用入侵检测框架 |
Research of applying the development package to construct a Intrusion Detection System in windows |
| |
| Authors: | YU Shun-jiang Wang Chun-hua |
| |
| Abstract: | This paper designed a network intrusion detection system based on Winpcap and Libnids in windows .The system framework,using Winpcap to capture net data,using Libnids to achieve IP defragmentation and TCP stream assembly etc.are the emphases of this paper .And in order to show the superiority and practicability of the system,it compares to Snort which is an open source IDS. |
| |
| Keywords: | Libnids Winpcap IDS CIDF |
| 本文献已被 CNKI 等数据库收录! |
