| Intrusion detection is the detection of intrusion attacks, which go through the collection and analysis of network behavior, security logs, audit data, and other information available on the network and computer systems within a number of key points of information, By checking the existence of the network or system security breach policy behavior and signs of attack. As an active intrusion detection security protection technology, it provides internal attacks and external attacks and misuse of the real-time protection that endangered in the network system to intercept and respond before the invasion. Therefore, intrusion detection is considered to be second behind a firewall security gate, without influence to the case of network performance monitoring network and greatly improving the security of network systems.This paper analyzed the current status of network security, technology and future development trends, focus on the intrusion detection system Snort as well as the source code in and the main function, then expand the discussion to the peer mode, and the system works. After the optimization strategy is proposed and designed in collaborative intrusion detection module, implemented and work under the collaborative detection function in peer to peer mode.Research article has been peer model based IDS,the IDS for a single point in the collaborative work of a number of deficiencies, the corresponding strategies to optimize the system performance. And in the Snort open source software in detail the overall structure of the system and the source code and under the rule base, based on the environment in WINXP stand-alone mode is established based on the Snort IDS instance and in the network mode (NIDS) under the IDS instance, and finally the design of collaborative intrusion detection module to add the instance in building and collaboration between the various peer intrusion detection IDS and exchange of invasive subset (workload) function. |
PDF Full Text Request