网络入侵监控报警

系统由嗅探器、监控中心、远程管理、远程终端等构成。通过实时分析网上数据流来监控非法入侵活动，并根据监控结果报警、响应，达到主动发现入侵活动、确保网络安全目的。它采用基于模式、基于统计两种方法发现入侵。重点是嗅探器对入侵的识别，技术关键是数据流实时性与查询速度矛盾、入侵模式动态添加等问题。具有智能分析、双向监控、漏洞自检等功能，是传统网络安全产品的强有力助手。

Monitor Alarm System of Network Intrusion

This system is composed by sniffer, monitor control center, remote management unit and remote terminal. Illegal traffics on network can be actively detected by network security monitor, it captures network data stream and intercepts malicious attack, so as to alarm or take response action in real-time. Attack activities under surveillance are distinguished by two methods--rule based method and statistics based method. Intrusion recognition by sniffer is the key of this system. In addition, dilemma between real-time data stream and high inquiry speed,as'well as dynamic addition of attack rules contributes to the main concern of system design. This system can be self detected, while intelligent analysis and bidirectional surveillance ability have also been implemented, and presented as a strong assistant to traditional network security products.