Applied Research On Distributed Intrusion Detection Technology In The Campus Network

With the development of the technology in computer and network, Computer Network Applications are getting closer connected with people' s social lives, bringing enormous convenience of work and life; meanwhile, network security has become a potential problem which can not be ignored. Campus Network is an important infrastructure that can facilitate students to learn new knowledge, discuss issues, access to information and so on and that is also a platform for external exchange of school' s management and teaching, imposing great significance on improving school management and teaching quality. So it is an important task of campus network management to make sure the campus network will not be attacked and destructed.Based on the Internet, campus network will inevitably suffer security threats and attacks resulting from viruses, hackers, malicious software and misconduct because of its openness, connectivity and sharability. It usually happens that campus network data lose, system is falsified and network is paralyzed. The need of network security cannot be met if firewalls are employed simply. The firewalls are a passive protection technology and only control egress and ingress of data which cannot guard against inner unauthorized access to Internet. Therefore, besides taking such passive defense measure as firewalls, it is necessary to apply Intrusion Detection System (IDS) to improve the campus network security.Because of its particularity, campus network is easy to be attacked in large-scale. And with the expansion of campus scale, application function within the campus and the dramatic increase in network traffic, Intrusion detection system is required to detect intrusion quickly in the high-speed network, to reduce the rate of false positives and false negatives of Intrusion Detection System and to respond to the intrusions in real-time. Therefore, this subject aims at the solution of campus network' s security. First of all, the role of DIDS in campus network is analyzed and the system structure and the system structure, measurement procedures and gaging policy of Snort are Marcato studied. Secondly, combined with DIDS, the DIDS Model with Snort-centric will be designed and the speed and accuracy of DIDS will be improved by the mean of protocol analysis and pattern matching. Finally, the application of campus network will improve the security effectively.