Network intrusion character configuration method and system

The invention discloses a network intrusion character configuration method, which comprises the following steps of: 1) respectively setting a configuration mode for flaw related characteristics and a configuration mode for non flaw related characteristics; 2) establishing a flaw-characteristic correspondence association list, wherein the correspondence association list comprises two fields, namely a flaw name field and an attack characteristic identifier field; 3) scanning a user system to acquire a network security flaw list; 4) searching related characteristics of the network security flaw list of 3) according to the flaw-characteristic correspondence association list established by 2), wherein the flaw related characteristics found in the network security flaw list are called by a joint name, namely the flaw related characteristics, and the characteristics which are not found are called non flaw related characteristics; and 5) setting the configuration modes for the flaw related characteristics found by 4) and the non flaw related characteristics according to the configuration modes set by 1) so as to form an IPS characteristic set configuration example.