网络综合防御系统中防火墙联动的设计与实现

THE DESIGN AND IMPLEMENTATION OF FIREWALL INTERACTION OF IIDS

对网络综合防御系统的理念进行了介绍,并给出网络综合防御系统的整体设计。根据课题组开发的Immuno系统模型和防火墙联动模块二级结构的总体规划,详细阐述了系统中防火墙联动模块的设计及核心子模块的实现。该模块能让多种防御系统进行联动,同时检测到网络攻击后,可通过向防火墙中动态添加规则阻断攻击。

The truth of IIDS（ Integrated Internet Defense System） is introduced and the whole design of IIDS is described. Based on the Immuno system model and the whole layout of firewall interaction module,the design of the interaction module and the implementation of the core sub-module are expounded. The interaction of different defense systems is realized by the module, and network attacks can be interdicted throngh dynamic rule appending after the detection of attacks.