Abstract: Excluding the main issue of intrusion detection system (IDS): implementation of intrusion detection algorithm, this paper concentrates on other issues of IDS: sensor and analyzer, and proposes some advices that can improve the veracities, the throughout and the self-study abilities of the IDS via the studies and analyses on sensor and analyzer. Based on it, some ideas are implemented to a distributed intrusion detection system (DIDS) model that most of certain intrusion detection algorithms can be applied to it. Meanwhile, the advantage and disadvantage of the DIDS model are discussed.

Key words: Intrusion detection system (IDS), Sensor, Analyzer, Distributed intrusion detection system (DIDS) model

摘要： 避开入侵检测系统的核心问题——入侵检测算法的具体实现，通过对有关感应器、分析器问题的研究分析，提出了一些有利于提高入侵检测准确率、提高系统吞吐量、提高系统自主学习能力的建议。以此为基础，给出了一种不受具体入侵检测算法限制的分布式入侵
检测模型，分析了该模型的优缺点。

关键词: 入侵检测系统, 感应器, 分析器, 分布式入侵检测系统模型

CLC Number: 

• TP309