International Journal of Research

Network intrusion detection system is a retrofit approach for providing a sense of security in existing computers and data networks, while allowing them to operate in their current open mode. The goal of a network intrusion detection system is to identify, preferably in real time, unauthorized use, misuse and abuse of computer systems by insiders as well as from outside perpetrators.

At the heart of every network intrusion detection system is packet inspection which employs nothing but string matching. This string matching is the bottleneck of performance for the whole network intrusion detection system. Thus, the need to increase the performance of string matching cannot be more exemplified.

 Meanwhile, aiming at several key modules of intrusion detection system, a detailed analysis of packet capturing module, protocol dispensation module, feature matching module, log evidence module and Intrusion retort module is also given in this paper.