… flows appearing, the system rejecting information flows, and system repudiation; these are all technical difficulties in information security. The network environment has created an ideal space for information sharing, information exchange and information services, and the rapid development and wide application of network technology has provided a great driving force for the progress of human society. The International Organization for Standardization defines information security as "the integrity, availability, confidentiality and reliability of information"; control security refers to identity authentication, non-repudiation, authorization and access control.

Keywords: network security; intrusion detection; packet capture; PIDS

Implementation of Personal Intrusion Detection System

Abstract

An Intrusion Detection System (IDS) monitors a system or network resources in real time, promptly discovers intruders who attempt to enter a system or network without authorization, and prevents users from performing wrong operations. Based on the basic theory and core technology of intrusion detection, this thesis studies a way to implement a simple Personal Intrusion Detection System (PIDS) on the Windows platform. The current security status of networks is analyzed first, and then the history of intrusion detection technology and the current core theory of intrusion detection systems are introduced. Next, the network architecture on Windows and the structure for capturing and filtering data packets with Winpcap, a development tool, are introduced. The system is then implemented in the Winpcap environment. The system uses anomaly detection: after data packets are captured with Winpcap in real time, probabilistic information about events is extracted from the intercepted IP packets and sent to the intrusion detection module, where it is analyzed quantitatively. In actual system testing, the system shows a good ability to detect network intrusions that have quantitative characteristics. Finally, the problems remaining at this stage and our suggestions are summarized, and directions for future development are proposed according to the functions of the system.
Keywords: Network security, Intrusion detection, Packet capture, PIDS

Contents

Total pages of the thesis: 24

1 Introduction
    Network security overview
        Emergence of network security problems
        Security threats facing network information systems
        Attacks on networked personal hosts
    Intrusion detection technology and its history
        Concept of intrusion detection (IDS)
        Classification of intrusion detection systems
        Intrusion detection models
        Analysis of the intrusion detection process
        Development history of intrusion detection
    Definition of a personal intrusion detection system
    Significance and methods of the research
2 Design of the personal intrusion detection system
    Packet capture module
    Data parsing module
    Data analysis module
    Recording of analysis results
    Alarm handling module
3 Implementation of the personal intrusion detection system
    Overall structure of the system
    Implementation of the packet capture module
    Implementation of the packet decoding module
    Implementation of the packet analysis module
    Recording analysis results and raising alarms
4 Analysis of an application example of the personal intrusion detection system
Conclusion
References
Acknowledgements
Declaration

1 Introduction

Network security overview

Emergence of network security problems

Network security can be interpreted differently from different perspectives.

Actual testing shows that the system has a good ability to detect network intrusions that have quantitative characteristics. Finally, the system design is implemented in the Winpcap environment.

The thesis first analyzes the current security status of networks, and introduces the history of intrusion detection technology and the key theory of current intrusion detection systems.

Classification number: TP393
UDC: D10621408(2021) 58620
Security level: Public
Number: 2021031288

Chengdu University of Information Technology (成都信息工程學院)
Degree thesis
Implementation of Personal Intrusion Detection System

Author: Jin Guoqiang (金國強)
Major of the degree applied for: Computer Science and Technology
Category of the degree applied for: Bachelor of Engineering
Supervisor (title): Xiong Shuhua (熊淑華) (Associate Professor)
Thesis submission date: June 9, 2021

個人入