With the continuous development of network technology, inhouse network security is also increasingly subject to various known and unknown malware threats. In order
to detect these malicious programs, we designed and implemented an intrusion detection system based on integration of the depth detection technology, anomaly detection
technology, misuse detection technology. This intrusion detection system uses depth protocol analysis, behavioral analysis, feature matching, intelligent protocol
identification, protocol anomaly attack detection, traffic anomaly detection and so on. And this intrusion detection system realizes malicious programs detection through data
acquisition module, data reorganization module, data analysis module, console module and features for system management module. The system overcomes the shortcomings of
traditional single detection schemes, and can detect new generation of threats such as 0day attacks, polymorphic attacks, distortion attacks effectively.