| Intrusion detection is a kind of new and initiative recovery technology after data encryption, firewall and other techniques, it could be endangered in the network and the corresponding intercept before the invasion. Most of the existing practical intrusion detection systems usually uses pattern database of well-known attacks to match and identify known intrusions from network data. These patterns matching of methods have high detection performance in the detecting of those known attacks, but for some unknown attacks it can not be accurately detected. In this paper, we studied and improved a kind of IDS based on the network behavior analysis. The main content of this dissertation is:1. Analysis of the current security status of the situation, briefly introduced the need for intrusion detection technology, research progress, given the content of this thesis research and organizational structure. Intrusion Detection System has been elaborated, including the classification of intrusion detection, the status of research methods, pointing out that the intrusion detection system problems.2. The knowledge of the analysis of network behavior and the research methods of network measurement be introduced. Carry out an in-depth discussion Sampling methods, A parallel network behavior analysis system, and a kind of forecasting model of network behavior based on historical time series.3. Designed and implemented a intrusion detection system model based on analysis of behavioral characteristics, Test the performance of the system.The method based on the network behavior analysis have been tested in experiment environment,and proved that it is effectively , it can reduce the miss report rate and fail report rate.At last,Paper carried out a summary on this job that have accomplished and the job needing to be in progress next step. |
PDF Full Text Request