| Nowadays Internet has developed greatly while the network security problem becomes more important. The main threat of the Internet security is that the information system was broken in through the network. At the same time, intrusion technique and means have been developed and changed greatly. So protecting computer system, the Internet system and the security of all information establishment has become an urgent problem without time to delay. This text mainly analyses how intrusion detection system strengthens its ability to resist the Denial of Service intrusion and how intrusion detection system improves its testing capability to the Denial of Service. The theory has been put into practice. This text has firstly introduces the classification of the intrusion detection system, the current research circumstance, the trend of development and the technology used mostly. On the basis of the study and experiment, the text also expatiates the ideas of intrusion detection system which is based on CVE and its significance combining the practical problems and demands. This text carries out a further study on the Denial of Service that is listed at the very beginning in the CVE list on the basis of studying the vulnerabilities and exposures listed in CVE list which is accepted in the world .It summarizes the Denial of Service attacks classification characteristic and mode .It puts forward an improved distribution architecture according to analyzing the anteriority intrusion detection system. Not only does the architecture improve the efficiency in collecting datum, but also enhance the security of the system by the passive recovery way of defending attacks. The reasoning under uncertainty technology which is fit to express the inkling is used in the course of checking and measuring .The expert system reasoning machine was carried out by combining the credibility means . The isolated event is combined to increase the number of the systemetic information by using the way of concerning Denial of Service attacks circumstance. The research improves the architecture stability starting with studying the intrusion detection architecture on the base of CVE list; the reasoning under uncertainty was utilized in superstratum expert system; the character of system structure and denial of service attacks was considered and concerning arithmetic is designed in order that system can make full use of the information .The ratio of systematic false negatives and the ratio of systematic false positives are reduced. |
PDF Full Text Request