The Design And Implementation Based On Adaptive Network Intrusion Prevention System

With the widespread popularity of computers, especially after the invention of the Internet, our working and living style have been greatly affected. It has become a mainstream trend to use the Internet for information exchange, and the level of information technology has become a important measure standard for a country’s comprehensive strength. However, thanks to the development and improvement of computer network communication technology, the network security now is becoming a new key issue.Firewalls can resist invasion from outside of the network, but can do nothing about the damage within the network. Intrusion detection system can detect not only network intrusion from outside, but also acts of sabotage within the network. However, it is in parallel with other elements in the network,so it only have detection function, can not prevent destructive tiemly because when intrusion or attack is detected, damage is often already produced.so, Design and implementation a system which both the detection and prevention function makes sense.For the above reasons, an adaptive intrusion prevention system is prompted. This system has the advantage of boththe intrusion detection system and firewalls. As we all know,intrusion prevention system is usually serially connected in the network.It will greatly affect the performance of the network because of its weakness of the data processing capabilities.To solve this problem, adaptive capacity is added into the system. Then the system can accelerate data processing speed by using self-learning ability.The reason that self-learning ability will accelerate data processing speed can be concluded into two aspects.First, it can automatically learn the rules class of the information. when packets come, it can automatically selecte corresponding rule category for the packets.Second, it have a delay cancellation mechanism. If a sender’s behavior is considered to be an invasion or attack, then all the behavior of this sender will be isolated for a certain time. When time is up, then isolation will be canceled. This method can keep the stability of the network in case of network congestion.Finally, we made the function verification of system after implementation of the system. The result turns out that compared with the former intrusion prevention system, Both in function and in ability of processing data, there are obviously improved.