A network intrusion detecting system using a genetic algorithm and its method are provided to extract packet information to which greater importance is given among information of TCP/IP packets, and improve a detection speed and a detection rate by checking a received packet by using only important packet information. A packet feature selecting module(11) selects at least one reference field for determining whether a network has been invaded or not by applying a genetic algorithm using an evaluation function to which importance of each packet field is reflected. A packet gathering module(12) gathers packets existing in a network. A packet pre-processing module(13) extracts information of a reference field selected by the packet feature selecting module(11) among the gathered packets. An intrusion detection engine module(14) determines whether the network has been invaded or not by using information of the extracted reference field.
展开▼
