Research And Implementation Of Parallel Instrusion Detection Technology In High Speed Network Environment

With the rapid development of Internet, the network has become a part of people's work and life. However, with the emergence of a large number of network applications, the network attacks are emerging, network security is becoming more and more serious. Nowadays, intrusion detection has become a key technology to ensure network security. But in the face of the high-speed network environment, the traditional intrusion detection system has been unable to bear such a large traffic load. Therefore,the research of intrusion detection technology in high speed network environment has important practical significance, and it is an indispensable security guarantee in the process of the development of the Internet.Research on intrusion detection of high-speed network technology this paper has done in-depth research and analysis, detailed analysis of the difficulties faced by the intrusion detection technology under high speed network, and the investigation of the current domestic and foreign researchers put forward solutions, eventually led to the load balancing technology is important for intrusion detection system, and introduces the load balancing technology. On this basis, this paper proposes an improved load balancing strategy, and designs a set of load balancing model including static and dynamic scheduling. This model uses an improved consistent hashing algorithm to achieve the load balance of each test node in a parallel intrusion detection system. In the initialization phase, the"equal interval polling mechanism" is used to determine the location of the virtual nodes, and the dynamic scheduling of traffic is realized by Rank re mapping of the virtual nodes when the load is unbalanced. At the same time,through in-depth analysis of the existing intrusion detection system,propose a method based on the minimum PPS (packet per second) "the dynamic flow scheduling strategy, when the system load is not balanced to make the system load steady equilibrium, avoid the load oscillation phenomenon of traditional load balancing technology. This algorithm replaces the traditional load balancing in the operation of a large number of traffic by the operation of a simple remapping of virtual nodes, which makes the performance of the system has been greatly improved, with a high load balance. And by using the characteristic of hash, the system can be quickly and timely reduced without affecting the system operation, and the stability of the system is greatly reduced.Based on the improved load balancing strategy, this paper designs and implements a set of intrusion detection system. Through testing, the system can meet the performance and stability requirements of intrusion detection in high-speed network environment.