| As the development of computer network, the Intrusion Detection System is becoming the indispensable part of network security safeguard. It also is a new type of real-time safety protection technology after traditional security protection method such as firewall, data encryption and so on..The paper introduce the basic concept of the network security and the intrusion detection, the classification of the intrusion detection system, the intrusion detection technology, the intrusion detection status analysis, and the evaluation of the intrusion detection system are presented mainly; and the existing problems and trend of the intrusion detection system are pointed out.On intrusion detection system,The paper study a network intrusion detection system named Snort, Then designs a test Platform of the Distributed Intrusion Detection System by using windows-based Snort software. The configure items of Snort and Analysis-control-consoles are listed in detail. Intrusion, data and the attack info are displayed by ACID, and the results of the operation are analyzed.Improved the efficiency to meet the requirement of communication becomes the typical problem. Pattern matching algorithm is a core technology of the rule-based intrusion detection system., this paper analyses the Pattern matching algorithm of the network intrusion detection system,and select the BMH algorithm to research by comparing. The paper is presented an improved algorithm based on the BMH algorithm, and have the possibility of a pattern string with the greatest amount of movement m+2. The algorithm can obviously reduce the times of string matching and improve the pattern matching speed. In particular, the greater the amount of information on the text file, the longer the string to be matched handling, improved algorithms is better. |
PDF Full Text Request