Network Invasion Detection System Research And The Realization

With the constant development of the network, the network security is being paid close attention to by people, the already existed firewall has been more difficult to ensure the security of the network independently, that include a lot of reasons, mainly because the firewall stops from the outside attack in the open all the time, the hacker is renovating constantly to the means of the firewall, lets it is impossible to defend;On the other hand, a lot of attacks stem from the internal network, for example internal users go beyond one's commission to operate or destroy etc. maliciously, all these have constituted great threat to network security. Not attacking for more overall protection network, intrusion detection system will give play to irreplaceable function.Invasion detection system is the "firewall", "data encryption" effective complement to the security system. It can help network rapid detect hackers, and the expansion of the security management capabilities of the system managers to enhance the integrity of the information security infrastructure.This paper introduced the first simple invasion detection system and the status of research on network security technology, and secondly, on the invasion detection system classification: invasion detection systems based on its use of analytical methods can be divided into unusual detection and misuse detection, according to system data sources can be divided into host intrusion detection systems and network-based intrusion detection systems. Also expounded on the current invasion detection of two criteria: CIDF standards and IDWG standards, and on this basis to discuss the current deficiencies and trends of invasion detection system. Then, through the invasion of testing technology and related CIDF standard in-depth study in a laboratory environment for network intrusion detection systems based on the operating system platform in the windows, using a MySQL database. Detailed design of the system, the focus on the rules of radio modules, testing and analysis procedures and rules matching algorithms and put forward a kind of improved BM algorithm especially.