| With the scale of network continuously expanding, the security of the network is drawing people's attention day by day. As a dynamic security equipment that can guarantee information security of the networks automatically on real time, IDS has become the essential supplement of the static security equipments such as firewall, which was paid more and more attention to. And The Distributed Intrusion Detection System (DIDS) is one of the advanced field in the research.The current development situation, trends and the existing problems of Intrusion Detection technology and Distributed Network Intrusion Detection System were firstly analyzed. Then some researches on a distributed network intrusion detection system named PeerIDS based on Peer—To—Peer principle which was proposed recently were done. Based on analyzing PeerIDS's principles, this paper mainly discuss about several insufficiency of exist system. Furthermore, corresponding strategies are proposed to optimize performance of system. Finally, according to the existing model, PeerIDS instances based on Snort was built up; aimed to the sharing coordinate characteristics of PeerIDS, a coordinate intrusion detection model, which can satisfy coordinate detect, share the intrusion detection information and exchange the subsets with intrusion detection function between the different Peer IDS instances was designed and implemented.The main characteristic and innovation of the article is below:(1) A corresponding improved strategy that can solve the weak points of existing PeerIDS model was proposed;(2) An intrusion detection instance was built up by using the existing open software such as Snort, which was based on the existing theory of PeerIDS model;(3) A coordinate intrusion detection model that can achieve the coordinate detection between PeerIDS instances, share the intrusion detection information and exchange intrusion detection function was designed and implemented. |
PDF Full Text Request