提出一种基于散列方法的快速的网络数据包攻击检测算法。主要探讨两个问题:一是如何将散列方法运用到网络数据包的攻击检测,合理地解决散列空间的压缩、散列函数、特征字符串、规则库等使用散列方法进行多模式匹配带来的几个问题;二是分析散列法的优越性,对运用该方法的入侵检测系统性能进行了预估。通过双数组散列空间、快速而有效的散列函数、选择特征字符串等策略,加快检测的速度。 A fast algorithm of network packet attack detection based on hash method is proposed. This paper mainly discusses two questions: First, how to apply hashing to attack detection of network packets, reasonably solve the hash pattern hash, hash function, feature string, rule base and so on. Bring several problems; the second is to analyze the superiority of the hash method, the performance of the intrusion detection system using this method is estimated. Through double array hash space, fast and effective hash function, select features such as character string strategy to speed up the detection speed.