Based On Immune And Mobile-agent Ids Detector Model

With the development of network technology and scale, Internet brings us opportunities and many network resources. But hostility intrusion comes too. How to make sure the system and network's security as the network intrusion affairs keep growing is becoming more important now.Intrusion Detection System (IDS) is an important part of network security architecture. There are many commercial Intrusion Detection Systems nowadays, but almost all of them have the commonalities that they cannot detect the unknown attacks. The way of resolving this problem is to improve the Artificial Intelligence of IDS. The merits like self-tolerance, distribute, robust, auto-adaptation, multiformity, auto-organization that simulating from the biologic immune system make Artificial Immune System (AIS) has better Artificial Intelligence that can fetch up the disadvantages of IDS such as low accurate rate, high false negatives and false positives rate perfectly and it is able to detect unknown intrusions too. Recently, the IDS based on AIS has becomes the hotspot of the new IDS technology.In recent years regardless of invaded the detection technology from the scale or the method to have the change, developed toward the following direction: intrusion either attack integration and complication, intrusion main body object indirect, intrusion or scale expansion, intrusion or attack technology distribution, attack object shift. Some distributional intrusion detection systems were only have realized in the data acquisition distributional, but the data analysis, the invasion discovery completed also by the single procedure. Such structure has the following disadvantages: the extendibility is low, the single point expire, the system to lack the flexibility and configurable, lack of the compatibility, the system is frail. The intrution detection technology will face the distributional intrution detection, the intellectualized intrution detection, the comprehensive safe defense plan development. At present international and the home the scholarly research which unified in the computer immunity and the Mobile-Agent technology just started, was not mature.In view of the above questions, this article contains the following works: 1. Based on computer immunology's principle and the mobile agent technology propose a network, distributional, the intellectualized intrution detection system and make a details discussion.2. The improved clone selection algorithm was applied in the intrution detection system, detection to the network data package, and using the characteristics of the algorithm to distinguish the normal data and the unusual data ,make it have a organic intergration to the actual network intrusion.3. We also make a experimental analysis about detector's two mainly aspects:detection rate and the rate of false.The results show that it improve the detection rate and lower the rate of the false.