Design and Implementation of "Intrusion Detection System" for Web Servers

Intrusion detection technology is an emerging network security technology.But it is still inaccessible for many small and medium web servers’ users due to its high costs and complicated implementation.In this paper,an "intrusion detection system" based on the passive defense was developed to realize linkage tracking of network behaviors of visitors and detecting the web intruders through real-time monitoring of web page resource files’ changes while using the packet sniffing technique to capture IP packets and extract and decode the TCP packets,and analyzing the data in the TCP packets according to HTTP.A feasible design and implementation for Windows Web server are also presented.