The Intrusion Detection System Based On Evidence Theory

Research is launched on Intrusion Detection System in this paper. The concept of network security is introduced briefly, and the technology of current intrusion detection's is also analysed. The thesis comes from all questions in network security and IDS's trend. The idea of constructing IDS based data fusion is given on current exist questions of high false positive in IDS. And based on information fusion and Dempster-Shafer evidence theory, the IDS model is given about evidence theory. In the next step, the detection information on the same network event is obtained by the different detection means. For that purpose, the two sensors is constructed. A new auto method of basic probability assign is designed and called generating evidence model for inferring based on evidence theory. At the end of this paper, the conclusion is concluded by reasoning with the combining rule of Dempster-Shafer theory. The process of data fusion is designed and the algorithm of D-S theory is implemented. The feasibility of IDS based D-S theory is validated in the trial. In the experiment, the high detection accuracy and low false positive rate is obtained and the performance of the IDS is also improved.