| Intrusion Detection System(IDS) is used to detect unlawful attacks for computer and network systems.Intrusion Detection is an important development area as well as firewall in network security defense system,and is also one of the core technologies in network security.At the present time,with the development of computer network technology,network bandwidth traffic is continuously increasing.The traditional intrusion detection technology has already can not meet the requirement of network technology.This paper designs a new network intrusion detection system under the high-speed network environment.And proposes new design method to improve intrusion detection speed and accuracy under the environment of high-speed network,like data collection,data streaming,packet sampling,anomaly detection.In data collection module,this paper briefly introduces two methods of data collection,and proposes implementation of data collection in this research;in data streaming module,the dynamic IP addresses dipartition is used with the basic requirements of high-speed network data streaming;packet sampling module is the core study module.This paper uses the theory of packet sampling into the intrusion detection system under the background of high-speed network.The use of high precision measurement with stratified sampling algorithm is proved feasibly in theory and application.Anomaly intrusion detection model based on program behavior is obtained to detect the sampling packets.This paper designs and implements a real intrusion detection system prototype.Experiment results show that the method can effectively improve system performance by use of OPNET network simulation software and DAPPA2000 evaluation dataset. |
PDF Full Text Request