By the popularization of network technology, the computernetwork has been the most important part of human life. Thesecurity of computer network becomes more and more beingrecognized since the gradual proportion increasing of computernetwork. The loss by hacker and other kinds of network attacklike virus is increasing fiercely. So to enhance the computernetwork security is quite important.The latest technology of network security is like firewall,access control and encryption technology etc. Intrusiondetection system is the useful supplement to those abovetechnologies, which can help the network administrator to findout kinds of intrusion attempt and intrusion action in time,and to take effective action rapidly to enhance the integralityof network system.The thesis firstly introduced the current status and ofresearch on computer network security technology. Secondly,introduced the development history of intrusion detectionsystem, classification and standardization of intrusion detection system, CIDF&IDWG. The thesis mainly analyzed themodules of intrusion detection system including networkpackets capture module, packets decode module, rules parsemodule, testing and analysis procedures module and respondingmodule,and achieved a network-based intrusion detection systembased on Windows platform.The thesis discussed multithreading and covers multithreadingtechnology in the whole system and effectively keep the systemwith load balance, and avoid the negative performance in highspeed network.Rules parse module is the core module which is analyzed at theend of the thesis. The effective improvement method isemphasized and a very distinct improvement of whole system hasbeen realized. |