Research And Implementation Of Intrusion Detection System Based On Multilayer Perceptrons Neural Network

Faced with current rigorous computer security situation, intrusion detection technology, as a kind of active technology for security protection, can detect network status dynamically, and find the security matter in network. It is a reasonable supplement to traditional security technology. Meanwhile, it is also a hot spot in the current computer security research.Data collection and analysis is the key part of intrusion detection technology. In view of the tow problems, this paper advances an intrusion detection system (IDS) based on multilayer perceptrons neural network in high-speed network environment.In high-speed network environment, the traditional the packet capturing tech can't satisfy with the requirement of IDS. By mean of introducing the memory mapping and NAPI, the IDS can accelerate the capturing speed of network packet, and lighten the burden on the operation system, which can then have more operation time on the detection of intrusion activity. On the basis of the packet capturing, the IDS uses multilayer perceptrons neutral network to anomalously detect the packet. For the purpose of enhancing the capacity of learning and discernment, the IDS divide the packet into different categories, and construct different neutral network to train and detect the divided packet. At the same time, the IDS improve the standard back-propagation algorithm to accelerate the convergence speed of neutral network.The IDS in this paper is divided into four parts. They are packet capturing module, data preprocessor module, neutral network training module and detection module. The packet capturing module is charge of capturing packet form network, implementing the tech of memory mapping and NAPI and resolving the packet in order to analyses the packet property easily. The data preprocessor module is responsible for quantizing and normalizing the packet property, picking up the property based on time and dividing the packets into different types, which are delivered into different neutral network for training. The detection module detects the input packet and determines whether it is a normal or abnormal packet.Finally, the paper uses the sample of intrusion detection training data from MIT Lincoln laboratory to test the system. The result shows that the IDS which uses multilayer perceptrons neutral network with packet divided and algorithm improved, has higher efficiency, lower false alarm rate and missing report rate.