The intrusion detection is a new network security technology and Intrusion Detection System forms one of the most important parts of modern computer security. Nowadays most of Intrusion Detection Systems have been using the pattern matching algorithm, this essay introduces the implement principle of the intrusion detection technology based on protocol analysis on the question of the performance bottlenecks of these systems' detect engine at high-speed internet environment. Then we propose the method of detecting attack rapidly by making use of the network protocols' high degree of regularity. In this way, the possibility of false alarm and miscarriage of justice can be reduced. And at the same time, the performance and the efficiency of network Intrusion Detection System can be improved.