基于Snort的入侵检测系统教学实验设计与实现  被引量：8

作　　者：张旭珍[1] 黄成玉[1] 张志波[1] 

机构地区：[1]华北科技学院电子信息工程学院,北京101601

出　　处：《实验室研究与探索》2014年第4期159-163,共5页Research and Exploration In Laboratory

基　　金：中央高校基本科研业务费资助项目(DX1202B)

摘　　要：入侵检测系统是保障信息安全的重要手段。入侵检测是信息安全课程的重要内容,它涉及的概念多,内容抽象,难以理解。为了巩固学生所学的理论知识,提高学生的实践动手能力,培养学生的创新意识,论文对入侵检测系统的实验教学进行了探索。介绍了网络入侵检测系统的原理,在分析Snort的结构和组成的基础上,设计了基于Snort的入侵检测实验方案,在实验室用计算机和相关网络设备搭建了入侵检测系统实验环境,重点介绍了部署入侵检测系统的关键步骤,给出了入侵检测实验的测试结果。实践证明:通过入侵检测系统实验教学,大大增强了学生的学习兴趣和积极性,加强了学生对课堂抽象知识的理解,拓宽了学生的知识面,提高了信息安全课程的教学质量。Intrusion detection system （IDS） is an important instrument in the domain of information security. In the information security course, ＂intrusion detection＂ is very important part with its contents having many concepts and the principle being abstract. In order to consolidate student＇s theoretic knowledge and improve their practical abilities and innovation consciousness, the experimental teaching of IDS is explored. On the basis of analysis of the framework and structure of Snort, the experiment scheme of network IDS is designed, which is base on Snort and fits for the standard of common intrusion detection theory. By analyzing and presenting the framework and structure of Snort, the experiment scheme of network IDS is designed based on Snort, and fits for the standard of common intrusion detection theory. The experimental environment of IDS is built in the laboratory network, the key steps of deploying the system are detailed, and test results of intrusion detection experiments are analyzed. The practical research finds that the student can be inspired to study with interest and enthusiasm, widen the range of knowledge, improve synthetic ability and trained innovation consciousness through the research type experiment of digital filter design. The practical research finds that IDS experiment teaching is helpful to inspiring students＇ learning motivation and enthusiasm, deepening their understanding of abstract knowledge, widening their range of knowledge and improving the teaching quality of information security course.

关 键 词：入侵检测系统 实验教学 信息安全 

分 类 号：TP393[自动化与计算机技术—计算机应用技术]