摘要： 分析了高速网络环境下基于分流机制实现的NIDS体系架构，探讨了其核心部件——NIDS负载均衡器的实现及关键算法，给出了其在网络处理器上的具体实现。实验表明，基于IXP 2400网络处理器实现的负载均衡器具有成本低、研发周期短、可扩展性好的特点，完全能满足NIDS分流架构的需求，基本解决了高速网络下网络入侵检测设备的性能问题。

关键词: 入侵检测, 高速网, 数据分流, 网络处理器

Abstract: This paper introduces the architecture of NIDS data distribution system. It focuses on how to develop its key component, effective load balancer and gives the implementation using network processor. It’s proved to be low-cost, short-term and scaleable to implement NIDS load balancer based on IXP2400 by experiment. It successfully finishes the task of data distribution, so that the detection performance of the system is improved.

Key words: Intrusion detection, High-speed networks, Data distribution, Network processor