
Study On System Of Abnormal Detection Based On Immune Principle

Posted on: 2007-02-15
Degree: Master
Type: Thesis
Country: China
Candidate: B Zhang
GTID: 2178360212458986
Subject: Software engineering
Abstract/Summary:
As the internet develops, the danger and likelihood of network intrusion grow. The most important task in the development of information systems is therefore to improve their capacity for security protection, response and self-defense. As is well known, traditional security policies and techniques, such as firewalls, have great difficulty countering these attacks. Paying more attention to the study of intrusion detection systems (IDS) and ensuring system security has therefore become a key issue in the field.

Current IDS methods fall into two categories: characteristic (signature-based) detection and anomaly detection. Characteristic detection is more efficient at detecting known attacks, but is of no use against unknown ones. By comparison, anomaly detection can detect unknown attacks without expert knowledge of the system's security weaknesses. Common approaches include statistical methods, machine learning, expert systems and data mining. The drawbacks of anomaly detection are higher rates of false positives and missed detections, and the difficulty of computing and updating the profiles of user and system behavior.

The immune system successfully protects the human body against attack by large numbers of pathogens and foreign organisms, and it does not attack the body's own cells while eliminating hazardous pathogens; it discerns known and unknown pathogens through an evolutionary process that its own cells undergo. The human immune system is composed of the innate immune system and the adaptive immune system. Compared with an IDS, the innate immune system is like the pattern-matching detector of an IDS, and the adaptive immune system is like the anomaly detector of an IDS. Both of the former depend on prior knowledge of the pathogen or the attacker before detection. Similarly, the two latter can produce new detectors...
Keywords/Search Tags:System of Abnormity Detection, System Call, Lookahead Pairs, Sand Box, Markov Chain