Research On The Artificial Immunity-Based Proactive Defense System

With the computer network technology developing rapidly, computer network system has became an important platform for the sharing of resources, information delivering and capital circulating, which bring far-reaching effects in the political of human society, economic, cultural, educational, military and other areas.At the same time, the computer network security issues are also faced with severe challenges. The traditional static, passive defense technologies (such as firewall technology, intrusion detection technology, etc.) do not have been able to adapt to needs of network attacks behavior changing. This thesis will be applied the principle of immune to initiative defense area, designed a mechanism based on the body's immune system of active defense - AIPDS (Artificial Immunity-Based Proactive Defense System).This thesis first using the characteristics of immunity mechanism of the three-layer (skin and mucous membrane layer, inherent immunity layer, auto-adapted immunity layer) of human bodyfor reference, proposes the architecture of initiate defense system based on the immunity mechanism of human body. focus on a specific detector (B , T-cell testing and memory detector) the generation algorithm, and gives the principle of coordination test of the B, T cells detector; In the training process of enduring body, this paper also proposes a new characteristic reflecting encoding model - AIPDS model, improving the existing model in LISYS detection process, the main test for IP addresses, IP trust mechanism is overly dependent on the shortage of ;research redirect technology, designed and implemented redirect controller, then make attacks behavior detected transfer to the trap network; establish the library of active defense behavior, achieved a information record of aggressive behavior characteristics and storage of the log file of traps.Finally, this thesis uses the Java language to achieve the code of the system. The experimental results show that the system can operate independently, be able to achieve the transfer of attacks redirect attacks and record the specific characteristics of the information, so it protect the local network Information security and normal operation effectively.