为了准确检测僵尸网络等恶意流量,提出以snort为核心模块,通过对网络流量的抓取、分析,以及后端数据库和前端页面的相关设计,实现了一个入侵检测系统.该系统可以实时的监测网络流量从而快速检测出网络攻击行为,及时地发出警告信息,该系统具有良好的扩展性和可移植性.%In order to detect botnets and other malicious traffic accurately,an intrusion detection system is proposed in this paper.In the system,the snort is the core module.And the system is implemented by crawling and analyzing the network traffic,and designing the back-end database and the front page.The system could monitor the network traffic in real time to detect the network attacks quickly,and send the warning message in a timely manner.In addition,the system has a good scalability and portability.
展开▼