Under the background that the technology adopting the active protectionpolicies --network intrusion detection system is becoming the research focus andin allustion to the problem that the concentrated network intrusion detection system can not provide more efficient protection to network, the paper analyzes, designs and implements an antetype system of a three-layered and distributed network intrusion detection system. The main completed work in the paper is in the following:1. Analyzing and presenting the framework of a three-layered and distributed network intrusion detection system which fits for the standard of common intrusion detection framework2. Detailed design of each module and the communication mode in the modules of the three-layered and distributed network intrusion detection system3. Implementing the antetype system in the Linux platform with C language4. Possessing the application testing to the systemFinally, the paper analyses the good characteristics that the system possesses, points out the deficiencies of the system and presents the aspects that need to be improved. |