Model Designing Of HDIDS

Along with the perpetual development of the computer network, the global informationization has already become the main trend of human development. While the network technology promotes the application of computer extensively and deeply day by day, security of computer network issues becomes more complicated and conspicuous gradually. Network security technology is a subject which is expanded and enriched constantly during the process of solving the network security problemï¼› It includes the firewall technology, VPN technology, encryption technology, anti-viruses technology, intrusion detection technology, etc.Under the traditional situation, network security worker regard initiative security mechanism as focus studied. Practice indicates that though initiative security mechanism and tools can play a effective shelter role, network invasion behavior exist generally yet, this is a power to study and to implement intrusion detection which meets the requirement of some concrete applications. Intrusion detection system discerns evil intention of network resource, and offers the important information for confronting with the invasion. The thesis has introduced generally to the classification, development, characteristic and main techniques of intrusion detection system in chapter one. Chapter two recommend the Common Intrusion Detection Frame (referred to as CIDF), that is a specification of communication among IDSes. Chapter three and chapter four have introduced Agent technology and Dynamic Packet Filter technology respectively, and these two techniques will apply to a Host-based Distributed Intrusion Detection System,which will be put forward in chapter six. Chapter five recommend Protocol analysis and Command Parsing technology, and it is a focus technology of IDS at present. It stem from BlackICE. Because of utilizing structure of protocol, its speed and accuracy of ID are promoted by a wide margin; the false positives and false negatives are reduced. Chapter six is the core of this thesis; An HDIDS model is proposed here. This model use aforesaid several technologies, thus its realization will be high efficient and accurate.This text groundwork lies in proposing HDIDS model. Because Protocol analysis andCommand Parsing technology is the core of this model, the model will meet the network environment in the future even more.