With the rapid development of computer and network, when more and more companies and users surf Internet, more and more people have focused network security. IDSs (Intrusion Detection System) are a new type of safety protection technology after traditional security protection method such as firewall, data crypt, etc. and are widely employed. Traditional intrusion detection technology based on pattern matching has not adapted to demand of that detection of new intrusion behaviors, and statistical analysis is based on establishing the normal outline of the normal behaviors, and can find new intrusions. Because both the technologies have there own advantages and they can supply for each other, IDS combined with the tow technologies was used more and more widely.Firstly, this dissertation analyzes the present situation of network security problems, the false positive and the false negative of Intrusion Detection System are very high and it was always the main problem that bothered the user of IDS. Then this dissertation pointing out that the research and development of intrusion detection system have very important meanings. Then the dissertation presents the concept, technology, and standardization of intrusion detection, etc, and intensively studies pattern matching and statistical analysis. Finally, the dissertation proposes the architecture of intrusion detection system based on pattern matching and statistical analysis, and the system has many advantages such as high efficiency, high accuracy, etc. So it can reduce the false positive rate and the false negative rate, and then to improve security of IDS. |