| With the rapid development of the network technology and the continual opening for Internet, it has become increasingly serious to fight against network intrusion. The network security, as a hot issue today, has been attached importance to by people gradually. Though a variety of traditional static security defending system, such as firewall, identification and data encryption are much consummate, they can't completely solve all problems in the field of the Network Security. So there comes the Intrusion Detection Technology, a type of dynamic network security system. It has been another defending line behind firewall, which can find the intrusion from the trace and orderliness of their actions. Nowdays, with the development of computer and network technologies, the wide adoption of distributed computing environment, and the recent appearance of distributed Denial-of-Service (DDoS) attacks, traditional centralized intrusion detection systems, which only concern their local network environments or a single host, are proved to be not sufficient. As a result, Distributed Intrusion Detection Systems appear, and develop into one of the focus of Intrusion Detection research realm. Under the background that the concentrated network intrusion detection system can not provide more efficient protection to network, the paper analyze ,designs an distribute network intrusion detection system. We analyze models and structures adopted by most current Distribute Intrusion Detection Systems(DIDS) at first, then designs an Distribute Intrusion Detection System which fits for the standard of Common Intrusion Detection Framework, presents the key technology and some ways to solve the problem in the system. Finally, the paper points out the deficiencies of the system and presents that need to be improved.
|
PDF Full Text Request