| Now, with the rapid development of the network and social information deepening, the network has been used widely and brought wealth. But the disadvantages of the network have gradually come to the fore, forcing human to pay a high price for the security. Network security is an indispensable part of the network. Firewall has solved some of the unsafe behavior of the attack, but it can not solve all network security issues. There are still many security problems in the network.Many experts and scholars have proposed intrusion detection technology to make up for the deficiency of firewall and program many excellent tools. With the further needs on the network, intrusion detection technology today has made considerable progress, but still there are many issues, for example high false detection rate and false negative rate and speed bottlenecks. People urgently need network can predict in advance in case of network being attacked, and take effective action to prevent the networks from attacking in a timely for less loss.Foreign and domestic experts and scholars have proposed intrusion prevention technologies in order to solve the problems which were made by intrusion detection technology. Intrusion prevention technology is a proactive, positive intrusion prevention technology. When it detects an attempt to attack, it will automatically reject attack packets or take other measures to stop the source attack. Intrusion Prevention Systems is block attacks real-time, rather than at the same time or after. It is said that intrusion prevention system is based on the intrusion detection system, make up a firewall, anti-virus, intrusion detection systems, patch management, responsive security solutions deficiencies. Intrusion prevention system is a system, which based on intrusion detection system, added the function of firewall early. Network security prevention uses a single security and defense mechanisms.Single security technology and defense mechanisms make up for some deficiency of intrusion detection in certain extent, but it is still not suitable for high-speed network. To address the speed bottlenecks, saving bandwidth, and being dynamic adaptability and robustness, the network is divided into different regions in this paper. In the different regions, different defense algorithms will be designed for intrusion prevention in order to address bottlenecks. This paper presents a multi-intrusion prevention system.The multi-intrusion prevention system not only posses firewall technology, intrusion detection technology and other security technology, but also proposes a multi-fusion algorithm, which collect different detection algorithm. This paper is described the firewall and intrusion detection technology, and introduced researches related to the intrusion prevention technology and other hot spots in detail. It is distributed to prevent the network from different perspective which may appear safe issues, using a variety of defense technologies and methods.Multi-intrusion prevention system, which has a strong edge of the network, and flexible, adaptable, scalable high internal network, is human-centered unified management in the whole. The system absorbs a variety of security technologies in aspects of prevention. The multi-fusion algorithm using in this system makes detection algorithm associate with the different for threat warring.The simulation experiments, which using KDD'99 data set for the proposed model and algorithm, describe in detail the implements of multi-fusion algorithm. Simulation experiments have done respectively for four different attack types which contained DOS, Probing, U2R and R2L. The simulation results, after statistics and analysis, validate the feasibility of this system's detection and prevention of intrusion. |
PDF Full Text Request