Research Of Intrusion Detection Techniques With Trusted Computing Technology

With the emergence of some tools whick could intrude and attack the network, intrusion detection becomes a critical component of network management.As one of the security technology, intrusion detection could protect data integrity,privacy and avalibility, so it has a profound prospect. The BP neural network is widely used in intrusion detection because of its characteristics, which is forward analysis and reverse learning. However the common BP neural network's constringency speed is very slow, and it easily makes the situation of part particle. Therefore, it is necessary to improve BP neural network intrusion detection methods in order to increase learning and detection efficiency. Nowadays data protected by software cannot be entirely trusted.Trusted computing technology provide a hardware based encryption mechanism which could effectively prevent the loss of important documents and protect the log files generated by intrusion detection.The main works are:First, by using AIK certificate system based on remote monitoring and combined with the method imitates on Newtonian study,we propose a intrusion detection method based on AIK certificate of remote monitoring to seek the second rank differential coefficient of the aim matrix. Using this method can expedite the learning speed quickly and eliminate part particle. Simulation results show that the false negative rate and false alarm rate have been declined.Secondly, we use trusted computing technology on data storage by implementing remote proof and encryption mechanism, so we can use hardware to protect the key which could protect the log file came from intrusion detection and then we propose an intrusion detection data encryption methods based on trusted computing.In this way we could protect the data and effectively prevent the loss or manipulation of intrusion detection log.Third, we design an intrusion detection system based on trusted computing technology. We use intrusion detection based on AIK certificate to give user authority,if a user doesn't have AIK certificate,we will implement BP neural network on intrusion detection.Both of the methods show the rate of false or fail are acceptable, the system can be used in practice and disvover detect denial of service attack through UDP traffic curve.