在享受網際網路之便利與快速發展下，卻也隱藏許多網路安全危機。網路入侵偵測系統(Network-based Intrusion Detection System，NIDS)的規則資料庫日漸龐大，在新的世代裡將面臨更多的挑戰。本研究分析開放原始碼(open source) Snort網路入侵偵測系統(Network-based Intrusion Detection System，NIDS)，依主機與網路環境之不同將其規則檔(rules)重新進行調整分類，嘗試找出最適合的規則與設定，並據此調校部署NIDS。 在調校Snort之後，我們以先前蒐集之攻擊程式與惡意程式(malware)進行實驗，比較分類前後的系統資源，驗證調校的效果。經實驗證實，採用本研究新的規則分類，可節省使用記憶體(swap) 23%，也節省CPU的負載(load average) 17%單位效能。本研究更進一步發現，規則的數量，會影響記憶體的使用率；Snort的規則比對符合與否，會影響CPU的負載(load average)。所以本研究的分類規則，能有效的減少系統資源的浪費，進而提升Snort執行的效率。 With enjoying the convenience of rapidly developed Internet, many Internet safety problems were hiding within. The database of rules for NIDS (Network-based Intrusion Detection System) expanded gradually, however it faced numerous challenges in the new era. This research analyzed the open source Snort, and reclassified the rules based on distinct server and Internet environment, to attempt to determine the most appropriate rules and setting, and to deploy the NIDS accordingly. After adjustment of Snort, this research conducted experiment from previously-collected exploit and malware, to compare and verify the efficacy of system resources before and after the reclassification. According to the result, the newly adopted rules classification in this research saved 23% of swap memory, and unit efficacy load average of CPU for 17%. Further, this research discovered the number of rules influences the utilizing rate, and the fitness of rules from Snort would influence the load average of CPU. Hence, the rule classification introduced in this research may effectively reduce the waste of system resources and further improve the efficiency of implementation of Snort.