本文介绍了Windows平台下基于NDIS中间层技术实现入侵检测中数据采集模块的设计方法。并引入了协议分析技术,提出了一种新的入侵检测模型。本文对数据采集模块和协议分析模块进行了设计和仿真,并利用协议分析模块完成了对几种常见攻击的检测。%Based on the NDIS intermediate layer driver in Windows,a method in which IDS is implemented was presented in the article.And a model of IDS is designed based on Protocol Analysis.The modules of packet capture and Protocol Analysis are implemented,and some attacks are detected based on the Protocol Analysis.
展开▼