The invention discloses a Hadoop-based distributed intrusion detection system which comprises a data acquisition module, a data storage module, a control center and a data analysis module, wherein the control center comprises a system management module, a system monitor module, a task scheduling module and an alarm response module. By utilizing a Hadoop-based distributed computation framework, the system is allowed to have good interoperability, and the system reliability is improved; the system carries out data parallel acquisition through a distributed mode, thereby improving data acquisition capability and reducing packet loss probability; in an algorithm adopted in the system, data is allocated according to capacity and load of nodes, and adjustment is carried out by utilizing a dynamic load balancing strategy, so that data processing capacity of the nodes is given effective play to, and load balancing of the system is maintained; and through the algorithm, the case of distributing the data comprising the same attack to two or more detection nodes for processing separately, which damages integrity of the data, is prevented, and detection efficiency is improved effectively.