Intrusion Detection System Research And Implementation Based On Intelligence

In the information age, nowadays, intrusion detection system is a kind of active safety technique, and it provides protection from internal attacks, external attacks and mistaken operation. Therefore, it can offer service from different angles, which makes it one of the research focuses of security field.This paper is begun with the theoretical knowledge, gives the intrusion detection's concept, basic principle and the primary steps, and introduces the classification of the intrusion detection technology, and the basic structure and the function of intrusion detection system. Then we analyze the Snort, a famous network intrusion detection system, and build a simulated platform to carry on the attack and defense that is to research and development under the laboratory environment. Thus we understand the system's working deeply, as well as, has laid the foundation for the intrusion detection's related intelligent algorithm at the next step. Regarding each composed module of the intrusion detection system, the paper analyses the key focuses from capturing the data package, building the signature database of characteristic, protocol analysis, the primary data pretreatment, intrusion analysis and so on, and then explains the technology and necessary theoretical knowledge which these work must be used according to the examples and experiment.For the problem that the samples to be few, the characteristic to be much, it is difficult that incorporating the practical experience and the existing algorithm, we applies the Interactive Genetic Algorithm(IGA) into the Intrusion Detection Technology, makes use of the actual situation that the experts'experience and the users'feedback can improve the overall detection performance of IDS, incorporates the characteristic of Support vector machine (SVM), then designs the classified recognition algorithm after improving. Through the simulation experiment drew support from standard data set KDD1999, it is found that the application of improved Interactive Genetic Algorithm incorporating with SVM, its correct recognition surpasses traditional Genetic Algorithm, and this paper's method applied in Intrusion Detection domain is effective, feasible.Finally, we discuss the theory of Set Pair Analysis which has been used successfully in many different domains in recent years, according to the understanding of Set Pairs and attainment from the research of intrusion detection formerly, we suppose a intrusion detection model based on Set Pair Analysis, through the simulation experiment drew support from standard data set, it is indicated that applying Set Pair Analysis to the intrusion detection is feasible and effective, and make the plan and forecast for the next step work.