中文摘要：

通过充分利用入侵检测各类产品的安全防护特点,本文设计了一种策略分流的入侵防御及恢复系统架构.采用双NIDS系统作为前端检测模块,通过策略分流,使得双NIDS系统全面覆盖入侵检测的各个协议层,充分发挥两种NIDS系统的检测优势,实现高效的入侵检测.并结合HIDS的主机日志防护机制及关键内容恢复机制,在即便出现入侵破坏数据的情况下,仍可保证系统的关键部位安全.

英文摘要：

By making full use of the security features of intrusion detection products, this paper designs an intrusion prevention and recovery system architecture based on policy shunt. The system uses the double NIDS system as the front-end detection module, making the double NIDS system completely cover the various protocol layers of intrusion detection by policy shunt and gives full play to the advantages of both NIDS detection system to achieve the high-efficiency intrusion detection. In addition, the system combines with the host logs protection mechanisms and the key recovery mechanisms. Therefore, even in the case of intrusion and data destruction, the system can ensure the security of the critical parts in the system.