Research And Implementation Of Distributed Network Intrusion Detection System

With the rapid development of the network technology and the continual opening for Internet, it has become increasingly serious to fight against network intrusion. The network security, as a hot issue today, has been attached importance to by people gradually. Though a variety of traditional static security defending system, such as firewall, identification and data encryption are much consummate, they can't completely solve all problems in the field of the Network Security. So there comes the Intrusion Detection Technology, a type of dynamic network security system. It has been another defending line behind firewall, which can find the intrusion from the trace and orderliness of their actions.The Intrusion Detection Technology is now being inclined to its consummate after two decades' development in theory and application. The Intrusion Detection System can be divided into the Host-based Intrusion Detection System and Network-based Intrusion Detection System according to the data source or the Exception Intrusion Detection System and the Misuse Intrusion Detection System according to the analysis technique. In the standardization of the Intrusion Detection System, the greatest achievement is the Common Intrusion Detection Frame, which has built a foundation for the further evolution of the Intrusion Detection System.In this paper, the author firstly analyzes the current situation in network security, presenting the defects of traditional network security technology (especially in firewall) and then educes the Intrusion Detection System. In the following sections, the author introduces the history of the Intrusion Detection System, and some common detection technologies and varieties of detection systems. At the same time, the author analyzes the combined-defending architecture of the Intrusion Detection System and the Firewall. At last the author introduces the distributed network intrusion detection system designed by the author, presenting the key technology and some ways to solve the problems in the system, at the same time, the author tests the system.