Abstract: This article introduces the data fusion theory into the intrusion detection process，proposes an intrusion detection system model based on the data fusion，and has applied the multi- Agent technology in the system model realization process，enable the entire model having the good extension.In the data fusion process of clustering，merging and associating this article applies the D-S evidence theory，solves the problems of warning onrush，high false reporting rate，inferior question between the warning association which existed in the current intrusion detection system，enhances the detection performance of the distributing intrusion detection system.

摘要： 将数据融合理论引入到入侵检测过程，提出基于数据融合的入侵检测系统模型，并在系统模型的实现过程中应用了多Agent技术，使整个模型具有良好的扩展性。在聚类、合并、关联的数据融合过程中应用了D-S证据理论，在一定程度上解决当前入侵检测系统中存在的告警洪流、误报率高、告警之间的关联性差等问题，提高了分布式入侵检测系统的检测性能。