| With development and popularization of the Internet, more and more companies begin to turn their essential transactions to Internet, so the Network security becomes an ineluctable problem which must be well solved in these days. In addition, with the risks and chances of network intrusion sharply increasing, designing some safe measures to prevent unauthorized user from accessing the system data and resource becomes a very impending problem in the field of network security. Aim at these problems, the development of intrusion detection technique provides a effective means to solve the problems. The Host-based intrusion detection technique can find the intrusions and attacks by analyzing the log files which are obtained from the Host computers in the network; at the same time, it also can find invalid intrusion actions by watching integrality of the key system files and executable files, or by watching the Host port activities. The Host-based intrusion detection, as the important part of the intrusion detection, will more and more play a protective role in our information society. This paper not only introduces the intrusion detection's definition, category, development and model, but also emphasizes the characters of the Host-based intrusion detection, expatiates on its structure in detail, and demonstrates the Host-based intrusion detection's merits. On the foundation of having expatiated on the Host-based intrusion detection principle, this paper expatiates on three Host-based intrusion detection methods ,one is the method based on immunological principle, one is the method for sequence analysis of sliding windows based on frequency counting, another is the method for sequence analysis of sliding windows based on weight trees. All the methods can effectively...
|
PDF Full Text Request