The Key Technology Research Of Network Intrusion Detection System

With the rapid development of Internet, a great many events evolving opportunities for attackers to unlawfully access computers over the network is increasing. The intrusion detection is an important safety technology in the network security defensive system after the firewall, and it may carry on the real-time detect and monitor the system in the system entire process. The network Intrusion Detection System aims to detect a wide range of security violations ranging from attempted break in by outsiders to system penetrations and abuses by insiders. Along with network scale unceasing expansion and intrusion method unceasing renewal, they also set a higher request to intrusion detection technology. At present the intrusion detection technology face the main problem is that Internet flow increases unceasingly challenge the intrusion detection real-time and data process efficiency. Therefore, how enhances the detection efficiency of the intrusion detection system, and reduces the rate of false alarm and the rate of missing report of detect, they are the key technology about the intrusion detection research.The thesis first introduces the present situation of network security and analyses the impendency and the necessity of Network Intrusion Detection System in network security. Then we introduce the basic concept of intrusion detection system, detect technical classification, detect method and system detect principle. We carry on the comparison to each detect method, and analyzes its good and bad points. We presented an improved pattern matching algorithm after researched thoroughly classical pattern matching algorithm of intrusion detection system. The test result indicated that the improved algorithm has the higher detect efficiency. Finally, we researched the system rule gather. Aimed at the question exists which the present system rule gather, we brought forward the improved method to the rule gather. On condition it didn't affect the rate of false alarm, this method reduced the rate of missing report greatly. Union this thesis research content, we have designed one kind newly the pattern matching method unifies which many kinds of technologies. Applies this method to the detect engine of the network intrusion detection system, it may enormous enhance the detect efficiency of the system.