The Research And Design Of Dynamic Load-balancing Strategy Of NIDS

Intrusion Detection Technology is the next generation of dynamic security technology after traditional security measures, such as the "firewall", "data encryption". It is the entire process that is used to detect and identify the computer and network systems, or in a wider sense, the unlawful attacks on information systems. Network Intrusion Detection System (NIDS) is becoming an increasingly important security measures. With the rapid growth of network speed, the handling capacity of NIDS itself limits the ability of intrusion detection systems. With the rapid development of Internet technology, network security issues have become increasingly prominent. As the rapid growth of information networks, network attacks and the number of ways and unpredictability are greatly increased. For the protection of network intrusion detection system, it is especially important.Intrusion Detection Technology as people continue to study, the theory and technology have achieved certain results. However, in the overall context of the rapid development of core technology and innovation capacity development is not optimistic. Particularly as a high-speed LAN and optical fiber communications, and other new technology applications, and can provide high-speed Gigabit network bandwidth. Therefore under the environment of high-speed network intrusion detection system is the focus and difficult of the study.To solve this problem, at 10 Gigabit Campus Network Environment, this paper has an in-depth research. Study and propose the load-balancing strategy bases on the HASH algorithm and SYN algorithm combined. And the import value of HASH algorithm is discussed. Based on load-balancing and under multi-detector of the NIDS, SYN algorithm can effectively solves the triage in the process of the TCP/IP debris and reorganization outages.See from the results, based on HASH algorithm and SYN algorithm data triage mechanism, we can be more balanced streaming data, and better able to achieve a balanced load detector, and effectively solve the TCP/IP debris and the reorganization of interruption problems. This paper analyses the current environment of high-speed network Intrusion Detection System Research. The use of load-balancing mechanisms of detection model and the key technology and load balancing technology are discussed. And the existing load balancing strategies are compared. So in the current dynamic load balancing strategy, this paper proposes the solutions above.