With the increasing invasion affeirs and the improved attack levels, on the one hand, network infection, virus and intrusion attacks accelerate, on the other hand the response to network attacks are increasingly lagging behind the time. To resolve this contradiction, the traditional firewall or invasion detection technology can not meet our requirement. For the new attack methods often can not be correctly identified by these passive defense teclmologies, and thus lapse into a passive position, which requir...