The intrusion detection is a new network security technology and Intrusion Detection System forms one of the most important parts of modern computer security.Nowadays most of Intrusion Detection Systems have been using the pattern matching algorithm, this essay introduces the implement principle of the intrusion detection technology based on protocol analysis on the question of the performance bottlenecks of these systems' detect engine at high-speed internet environment.Then we propose the method of detecting attack rapidly by making use of the network protocols' high degree of regularity.In this way, the possibility of false alarm and miscarriage of justice can be reduced.And at the same time, the performance and the efficiency of network Intrusion Detection System can be improved.%入侵检测作为一种动态的网络安全技术,是计算机安全不可缺少的组成部分.目前的入侵检测系统大都采用模式匹配算法,针对高速网络环境下此类系统的检测引擎所面临的性能瓶颈问题,介绍了基于协议分析的入侵检测技术的实现原理,提出利用网络协议的高度规则性快速探测攻击的方法,借此减少虚警和误判的可能性,并提高了网络入侵检测系统的性能和效率.
展开▼
