
Research on Methods for Improving the Snort Detection Rate in High-Speed Networks

Author: ChenYanPing
Tutor: HaoLin
School: Yunnan University
Course: Computer System Architecture
Keywords: Intrusion Detection; Omission; Overload; Snort; Selective Packet Discarding; Preprocessor Plug-in
CLC: TP393.08
Type: Master's thesis
Year: 2011

Abstract


Intrusion detection technology collects information from a number of key points in a computer or network and monitors the running system in an attempt to find attacks, aggressive behavior, or the results of an attack. As network security problems grow more severe, intrusion detection systems (IDS) make up for the deficiencies of traditional protection measures and have become an important component of computer and network security.

There are currently many methods and models for intrusion detection, chiefly statistical methods, data mining, and expert systems. Each has its own advantages and disadvantages, but all aim to analyze data and improve the accuracy and efficiency of the intrusion detection system. With the rapid development of high-speed networks, the rate at which network data is generated far exceeds the processing capacity of intrusion detection systems, constantly bringing new challenges to network intrusion detection systems (NIDS). When the required computing power is not available, the intrusion detection system ignores some packets, which causes missed detections (omissions). How to improve the performance of intrusion detection systems on high-speed networks has become an important topic in the intrusion detection field.

Network traffic is bursty: at some moments the volume of traffic is particularly large, while at others it may be relatively small. From the perspective of intrusion detection, burstiness means that the system may at times be particularly busy, when intrusion events must be detected among a large number of packets within a very short time and responded to in real time. At other times it may capture no packets for a relatively long period and is therefore relatively idle.

Accordingly, we propose selective packet discarding: under load, discarding those packets that have less effect on detection accuracy. As a well-known open-source network intrusion detection system, Snort has been widely studied and used in industry because it protects information systems effectively. Snort consists of several software modules that are combined with Snort through a plug-in model, which makes it very convenient to extend. Among the preprocessors, stream5 and frag3 are the two basic preprocessor plug-ins; they carry out the merging of data spread across multiple packets. Our work adds selective packet discarding at this level. Selectively discarding the packets that have little or no effect on the detection rate reduces the amount of data delivered to the NIDS detection engine, which is a better approach.
