Research And Design Of Network Intrusion Detection System Based On Pattern Matching

With the rapid development of computer networks and wide application, network intrusions become more frequent, and serious harm, network security issues become increasingly prominent. The traditional technical system and some defensive inherent deficiencies, as a proactive network security defense tools intrusion detection technology has changed the previous defensive characteristics. it can identify potential threats by real-time analysis of data on a network,so that greatly improve the network security capabilities, making intrusion detection technology has become the focus of research in network security. On the internal attack, IDS has more advantage, known as the second defense line after the firewall. But there is people have not enough understanding of intrusion detection, and not as mature as firewall detection technology, therefore, to carry out the research on intrusion detection has more effects. As the growing network, the traditional firewall security policy model can not satisfy people's demand of network information security.Intrusion detection as a reasonable supplement of firewall, The network's security research and development become new hot spot.The main contents of this paper are organized as follows:(1) Introduces the current status of network security and security policy, analysised advantages and disadvantages of the traditional encryption, firewalls and authentication and other security technologies, including the development of intrusion detection at home and abroad.(2) The BM pattern matching algorithms used in intrusion detection module of Intrusion detection system is analyzed in detail, pointing out the deficiencies of the traditional BM algorithm in intrusion detection network environment, and point out an improved BM algorithm according to the characteristics of the intrusion detection.Test its performance Comparison of the original algorithm.(3) Analysis of intrusion detection system structure and each module of the system, referencing to several common intrusion detection models and features for the current computer network, detailed design and simulation the data capture module, protocol analysis module, and intrusion detection module response module of the system. And uses the improved BM algorithm in intrusion detection module of the intrusion detection system. Then the modules of intrusion detection system were tested and comparison test to the improved algorithm.Finally, the paper summarizes some of the problems still exist in the system and proposes areas for improvement in the future. Hope that the system more powerful and more efficient.