高速入侵检测是当前网络安全领域研究的热点问题之一,而高速分流设计是高速入侵检测的一个关键技术。基于网桥的高速动态分流设计利用Linux网桥的防火墙架构,按照动态负载均衡的分流算法在数据链路层对网络数据包重新封装,再路由到各个探测器中,该方法针对入侵检测的分流特点,能够转发所有网络层数据,且成本低、易控制、扩展能力强。实验分析表明该方法在高速网中具有动态负载均衡的效果。 High-speed intrusion detection is one of the hot issues in the field of network security, and high-speed offload design is a key technology in high-speed intrusion detection. Bridge-based high-speed dynamic distribution design using the Linux bridge firewall architecture, in accordance with the dynamic load balancing shunt algorithm in the data link layer network packet re-encapsulation, re-routing to each detector, the method for intrusion detection shunt Features, can forward all network layer data, and low cost, easy to control, scalability. Experimental analysis shows that this method has the effect of dynamic load balancing in high speed network.