| With the extensive applications of the network and other information technologies, the security of network systems has become critical. Intrusion detection system (IDS) is the key technologies to protect network systems security and is important way of net-work security, being a hot area of research and development. Because one of cores in IDS'study is the rulebase, the research on the rulebase is very important.This paper use methods and technologies of knowledge engineering to create a rule- base. First ,the paper analyzes the status of research in the IDS at this stage , puts forward to knowledge-based object-oriented attack expressed models , and uses java language to realize knowledge expressing of an attack. After this, the paper studies and analyzes the design of rulebase of network intrusion detection system (NIDS), and dis-cusses the framework of rulebase for NIDS. The rulebase is based on the object-oriented knowledge presentation models, and syncretizes concepts into a rulebase level. Finally, the paper explored ways to achieve the rulebase and its update automatically methods, and make feasible achievement programme of the rulebase.The model that the paper has proposed can express complex attacks and distributed attacks correctly and effectively. The rulebase model and programme of achievement proposed embodies a good knowledge management mechanism. It has efficient and adaptive characteristics for detection. It is hoped that this can provide reference and il-lumination for intelligent network intrusion detection systems research. |
PDF Full Text Request