| The Opening of Internet offers great convenience of information sharing and exchanging, accompanied with crucial challenges to Network Security. Security issues have evolved into the key problem of information time. The firewall which has been traditional protection method can not keep up with hacker's attack. As a result, the intrusion detection technology becomes a key part in network security.The development and existing circumstances of IDS are briefly introduced in this paper. First, the concept of states IDS and its implementation method are pulled-in by classifying intrusion into categories of existence, sequence and partial order. Second, a difficult problem that the IDS based on Petri net suffered from the states explosion like some other state-based methods is concluded after inspected the application of Petri net in IDS and analyzed the two ways of its implementation. Third, the paper raises some methods, such as using synthesizing operation to simplify, restoring the order of Petri net, and adding statistic transition, to resolve these problems; the opening and closing connection of TCP Protocol are modeled by using Petri net and these methods to check some known and unknown attacks. Finally, a system that detect the SYN Flood attack regarded as a denying of service attack (DoS) codes in VC++6.0 and utilizes part of the model which had been established. |
PDF Full Text Request