Research On Distributed Intrusion Detection System Based On Improved Pattern Matching Algorithm Of BM

Intrusion detection technology is another security guaranty technology after "firewall", "data encryption" or other traditional security protection way.It can recognize illegal action happening on computer or network,and can not only detect intrusion from outside but also supervise internal unauthorized action,which is applied broadly in network security area.For current Intrusion detection System(IDS) is not so advanced development of higher efficiency IDS has become so important.In this issue main work is based on these items:(1) Research background and significance about IDS,international and domestic reseach level,main problem and development direction are described.Intrusion Detection related pattern matching's principle,classification,development and challenge are discribed,whieh are prepared for late research and application of DIDS and pattern matching algorithm.(2) A new improved pattern matching algorithm named CBM algorithm is raised from BM algorithm and detailed performance comparisons of KMP algorithm,BM algorithm,BMH algorithm,BMHS algorithm and CBM algorithm through experiment are made,which prove CBM algorithm has higher efficiency than other algorithms in pattern matching procedure.(3) To problem of current IDS a new design of Distributed Intrusion Detection System(DIDS) based on Multi-Agent technology are presented.This design take Multi-Agent technology to build infrastructure of DIDS and all Agents which communicate,cooperate and manage each other are located on everywhere of whole network.This DIDS based on Multi-Agent structure can not only provide better real-time ability,higher detection ability and wider detection range but also improve extensibility,robusticity and stability of whole system,which can improve performance of Intrusion Detection.(4) Simulation experiment of Intrusion detection proves this designed DIDS can run and work properly.Late comparison experiment of packet-loss rate of designed IDS and Snort IDS which is popular currently are made,which presents experiment data diagram in this article.This experiment proves that designed IDS has lower packet-loss rate than Snort IDS in wider range of network attack data-packet speed.This experiment also prove that Multi-Agent mechanism and new pattern matching algorithm improve process speed of DIDS which has better performance and higher process ability as result.