The Research On Network Intrusion Detection Algorithm Based On Artificial Immune

The problem that the intrusion detection system and the immune system need to solve can be described as recognizing self and non-self,and eliminating non-self.The immune mechanism can use for reference for improving computer security.By researching natural immune system simulated,probably,the computer security system can get many ideal characteristic.The intrusion detection based on immune use the principle,rule and mechanism of biologic immune system to realize the detection and response of intrusion action.The purpose is to use the principle,system,algorithm which abstracted from immune system to solve the problem of network intrusion detection better. The thesis analyzes and researches the network security,the biologic immune system,intrusion detection and the network intrusion detection based on artificial immune firstly.Then it analyzes and compares the existing network intrusion detection algorithm based on artificial immune,and improves the linear time detector generating algorithm for the deficiency.The primary works of the paper are as follows: (1)The thesis analyzes the network security,technology of intrusion detection,network intrusion detection based on immune. (2)The thesis researches the biologic immune system.It includes the immune mechanism,such as immune response,specific recognition,self tolerance,clone selection,negative selection,self and non-self recognition.Besides this,it includes the structure of immune system,immunocyte and the character of immune system. (3)The thesis analyzes and discusses the network intrusion detection theory based on artificial immune.It includes the definition of self set,generation rule,Hamming matching rule,r -contiguous bit matching rule, r -chunks matching rule,negative detection model and factors which may affect the performance of system. (4)The thesis analyzes the network intrusion and existing network intrusion detection algorithm based on artificial immune.Based on the analyse,the detectors generated by the linear time detector generating algorithm are redundant,the cost of time and space of the algorithm are exponential in r ,and the cost of algorithm is affected more by r ,so the thesis improves the linear time detector generating algorithm.For broadcast LAN,the thesis discusses and analyzes the definition of self set.And considers the problem of life-cycle of detectors in the algorithm,gives the framework and description of the algorithm improved.The performance of algorithm and the validity of the algorithm improved is verified by experiment. At last,the thesis summarizes the whole research work,and points out the research direction of further work based on the present situation.