In essence, the intrusion detection system is a typical "spy equipment." It does not span multiple physical network segment, not forward any traffic, but only passively on the network, no noise, collect messages of concern to it. IDS data collection process is divided into phases, stages of data processing and filtering, intrusion analysis and detection phase, the report and to respond to stage four stages. Data collection phase is the data review phase. Intrusion detection system to collect the target system in the engine package and a host of data communications systems and so on. Data processing and filtering stage is to convert the collected data can identify whether the invasion stage. Stage of analysis and intrusion detection by analyzing data provided by the previous phase to determine whether the invasion. This stage is the core of the whole stage intrusion detection system, the system is used for the purpose of detecting abnormalities or to detect the use of the system or application vulnerabilities to be invaded for the purpose of BUG, can be divided into abnormal behavior and misuse detection. Report and the response phase of the previous stage for the judge to respond. If it is judged as the invasion, the system will take the appropriate response to their measures, or notify the manager of the invasion, in order to facilitate action. Recently, people on the intrusion detection and response to increasing demands, particularly the requirements of its increasingly strong tracking capabilities. IDS stage of analysis and intrusion detection techniques through the following general analysis: signature matching, based on statistical analysis and integrity analysis. Which the first two methods for real-time intrusion detection, and integrity analysis is used after the analysis. Signature matching is to collect information and known network intrusions and system misuse model to compare database, which found to have violated the security policy of the act. The process can be very simple and can be very complex. In general, an offensive mode can use a process or an output to represent.
In fact, in the odd Tiger, Rising has launched a six-month free version of antivirus software, and Baidu also collaborated Jinshan Web Edition Free antivirus software. However, these free or short-term marketing strategy, or function is not complete. In the absence of alternative profit model to find the time, no anti-virus software vendors to achieve am truly free. Zhou Hongyis "permanent free", a sort of a small poke, "hornets nest." Just said is not clear whether the final outcome of the peer stung, or are stung yourself? Zhou Hongyi commitments in the area do not enter the antivirus has nothing, he simply apology of this proposed new commitments --- "permanent free." He would like people to focus attention on the words. "Trojan horse compared to the rising threat of the importance of anti-virus has already been greatly reduced. Trojan killing costs so high, demand is so big, can be achieved for free, free antivirus why can not it?" Zhou Hongyi, such as his free move explanation.