| With the development of the Internet, the rich resources on internet bring users so much convenience as well as problems of security the users must face with at the same time. Nowadays, there are more and more attacking means and the intrusion means are continually updating. The losses resulting from network attacking are inestimable, so especially the government and military organizations bring forward higher requirements to the network security. The common mechanism against attacking is firewall, which is passive and difficult to detect a lot of attacks, especially those coming from the intranet. Intrusion detection makes up the disadvantages of the traditional security technology and result in active defense. By analyzing the information coming from networks, such as performances, secure logs, audit data and other attainable information, intrusion detection can find some attempts that will or have crashed into the system and takes relevant measures against intrusions.The research into intelligent technology in intrusion detecting system is hot in network security research at present. There are some common intelligent technologies, such as neural network, genetic algorithm, fuzzy technology and immune principle. Neural network has the advantages of self-organization, self-study and ability of generalization. Applying neural network into intrusion detecting system will endow it with good recognizing ability to the unknown attacks as well as to the known ones.This paper summarizes the basic concepts of intrusion detecting system and neural network and the disadvantages of present intrusion detection. It proposes a new method of training neural network with the checking function and compares it with other training networks of single swatch and batch swatch. According to the characters of attacks towards TCP/IP protocol, it proposes that data packets captured on the transferring layer be classified into three types (namely UDP, TCP and ICMP) and then encoded respectively and input into three different neural networks to be trained and tested. Through the method proposed here, a model of instant intrusion detection system is designed and achieved based on neural network, which is universal and extendible and can flexibly adjust the parameters of the network structure and training and furthermore, may develop into a moreaccurate network intrusion detecting system. At the end of paper, experimental designing and results are presented, proving the method of training neural network with function of detection is effective and proving the idea of disposing data packets respectively can reduce the time of training neural network and improve the precision of neural network detection. |
PDF Full Text Request