With the increasing popularity of the network, it security issues has become increasingly severe, the traditional firewall and intrusion detection technology has been insufficient to deal with, a new intrusion prevention system urgent need to develop out. In this paper, in order to reduce the false alarm rate and missed alarm rate of detection engine of the traditional intrusion prevention system and enhanced intrusion defense system active defense capabilities, so the paper gives an implementation programs based on immune principle of intrusion prevention system detection engine and study the feasibility of honey pot technology and intrusion prevention system together and thus proposed a new intrusion prevention system model. In this model, the intrusion prevention system really has the ability of real-time defense and attack defense.
展开▼