关键词: 网络入侵检测系统, 多媒体数据包, 遗传算法, 择危模型

Abstract: Omission is inevitable, when the network traffic exceeds the load capacity of Network Intrusion Detection System（NIDS）. In this case, dangerous packets should be given priority to processing. The author proposed an identifying method and two particular processing methods for multimedia packets since the multimedia packets occupy a larger proportion in network flow. On this basis, this paper proposes a multithreading model for multimedia packets in NIDS based on the genetic algorithm. When omission occurs, this model can choose more dangerous multimedia packets for processing within the maximum processing capacity of different threads. Experimental results indicate that this model can help NIDS to improve its selection ability for dangerous multimedia packets effectively.

Key words: Network Intrusion Detection System（NIDS）, multimedia packets, genetic algorithm, model of choosing danger