基于人工智能的分布式入侵检测研究

Study on Distributed Intrusion Detection System Based on Artificial Intelligence

为了解决目前动态加载系统存在的数据处理缺陷以及系统入侵精确度低等问题,以“人工智能技术”应用为例,设计一款功能完善、实用性强的分布式入侵检测系统。首先,在完成系统架构设计和系统数据库设计的基础上,对控制中心、分区控制中心延长网络主机进行全面分析;其次,严格按照响应库相关的响应规则,制定相应的响应对策;然后,借助通信模块判断其入侵行为是否出现异常问题;再次,利用S5720S-28P-SI-AC24口核心交换机对相关数据进行交换处理;接着,选用型号为AD2032的报警响应器对外来入侵行为进行全面监视;另外,在全面分析主体通信实现方式的基础上,利用Libpcap库函数完成对入侵检测流程的科学设计;最后,从环境与参数设置、系统测试结果与分析两个方面入手,对系统性能进行全面测试。结果表明,在人工智能技术的应用背景下,所设计的分布式入侵检测系统可以获得较高的检测精确度,达到了99%,为后期安全、稳定地使用网络提供重要的平台支持。

In order to solve the problems of data processing defects and low system intrusion accuracy existing in the current dynamic loading system, a distributed intrusion detection system with complete functions and strong practicability is designed by taking the application of “artificial intelligence technology” as an example.Firstly, on the basis of completing the system architecture and database design, comprehensively analyze the control center and the extended network host of the subregional control center, and then formulate corresponding response countermeasures in strict accordance with the relevant response rules of the response library.Secondly, through the use of the communication module, the intrusion behavior is judged to determine whether the intrusion behavior is abnormal.Again, use the S5720 S-28 P-SI-AC24-port core switch to exchange related data.Then, through the selection of AD2032 alarm responder, a comprehensive monitoring of external intrusion behavior is carried out.In addition, based on the comprehensive analysis of the main body communication implementation, the Libpcap library function is used to complete the scientific design of the intrusion detection process test.The results show that, under the application background of artificial intelligence technology, the distributed intrusion detection system designed in this paper can obtain high detection accuracy, and its accuracy reaches 99%,which provides an important platform for the later security and stable use of the network support.