探讨网络入侵检测系统模型的实现

The Implementation of Network Intrusion Detection System Model

入侵检测技术在网络安全防护中所起的作用是至关重要的。本文在明确入侵检测系统概念的基础上,详细研究了基于winpcap库的网络入侵检测系统模型的实现,分析了主要功能的实现,涉及到数据包捕获、协议解析、检测分析以及日志报警等,为网络安全又提供了一道屏障。

The intrusion detection technology is essential in the security role. In this paper, first of all, the concept of intrusion detection system is clarified, then the intrusion detection system model is realized based on winpcap library. This paper analyzes the realization of the main functions related to packet capture, protocol analysis, test analysis, and alarm logs, etc. In a word, the content of this paper provides a safe and a barrier for network.