Distributed Intrusion Detection System

With the popularity of the Internet and computer technology continues to develop, computer information systems in various industries are playing an increasingly important role, has become an important factor impacting on the corporate, government, and even military combat. In the meantime, as the Web grows more complex, the scale of rapid growth and the illegal invasion have continued to increase, not only to businesses and individuals causing huge economic losses, but also becoming a threat to national security and social stability. Intrusion Detection System effectively compensate for the traditional security protection technology deficiencies, which have greatly increased the safety and security of the system and reduce the the harm to the system that security threat caused.But with computer technology and network technology continues to develop, corresponding to Intrusion Detection Technology also put a higher demand. Researchers can no longer consider security issues from a single security function, a single security mechanism, and the scope of a single security, but must be from the architecture, a comprehensive and systematic study of network security, multi-layered adaptation large distributed network environment security system.The distributed system structure and function are more complicated, especially considering the safety and system reliability, must take effective measures for simplification of the system model. Take the structure of the safety system design and analysis of ideology, can effectively reduce system complexity and improve the efficiency of design and analysis, system safety and reliability of the realization can be provided guarantee.In this paper I researched the Distributed Intrusion Detection System Model of the structure and testing technology, aimed at the establishment of a large-scale network-oriented Distributed Intrusion Detection System Model. First author on the current Distributed Intrusion Detection System for the development of the study, summed up the current intrusion detection system technology status, classification methods, a comparison of various types of intrusion detection system between the advantages and disadvantages, in particular the traditional centralized Distributed Intrusion Detection and Intrusion Detection of comparative analysis. Then study the current Distributed Intrusion Detection System in the field of technological development, analysis and comparison of the various Distributed Intrusion Detection System strengths and weaknesses. And then from the perspective of system architecture, the authors put forward a set of distributed systems for convenience viable Intrusion Detection System Model, from detection engines and Management Center detailed analysis of two parts of the model describes the system architecture, system modules in the main function and its realization points, the system model workflow and deployment methods are described in detail. This paper presents a distributed intrusion detection system model, with strong operational, practical strong, and is built to meet the requirements of large-scale multi-level network Distributed Intrusion Detection System key basis.