| The future war field will be network war. War modality such as net attack, net defense and newnetwork tactic will be successionally appeared. All of this is center on network intrusion and networkdefense. Network intrusion and network defense is the base, which decide battle and campaign victoryor not. Network intrusion and intrusion detection will be the key of battle.Nowadays, one can break into remote system easily with hacker tools on Intemet. Network-Basedintrusion becomes common and sophisticated. IDS(Intrusion D etection System) also focuses onIntemet instead of host and operating system. Currently, network-based IDS has difficulty in dealingwith different topology of Internet, huge packet data, real-time detection and complex attacking pattem.Though traditional IDS which bases on rule matching has false alarm rate, but it can't refresh database intime, and can do nothing about new intrusion. All of this make Network-Based IDS face much newdifficute. Be dead against this case, this paperbuilds an advanced Network-Based IDS. It implementssome new designs so as to overcome faults of past systems and detect attacks more acoarately andefficiently. These designs include:load balance, protocol analyse, resource surveillance. To settle hugepasket data,we use load balance to improve system robustness. Be dead against false alarm rate andpoor adaptability, we advance method base on protocol analysis, and find suspectable behaviour whichcanuse resource surveillance to validate. It can improve false alarm rate ofintrustion detection system,and implement auto updata rule base of system. |
PDF Full Text Request