Research On Network Intrusion Detection System Based On Bionic Algorithm

With the continuous expansion and rapid development of the Internet,the network environment has become more and more complex and the risks are increasing.Therefore,network security has become a very important issue.Defects in the network can lead to cyber attacks and affect the privacy of users.In order to ensure the security of network information,network intrusion detection technology has received extensive attention.Network intrusion detection technology utilizes trace information left by intruders,such as failed records that attempt to log in,to effectively detect illegal intrusions from outside or inside.Due to the increasingly complex network environment,the traditional intrusion detection method runs slower and has poor recognition ability for unknown network attacks,which cannot effectively solve the existing network intrusion problem.As a new generation of artificial intelligence technology,machine learning can independently learn and train a large amount of data,which is expected to make up for the shortcomings of traditional methods and bring new developments and breakthroughs for intrusion detection.In addition,bionic algorithm,as an emerging technology to simulate the defense behavior of biological immune system,has received more and more attention in the field of computer science.Bioimmunity is a complex distributed information processing learning system with strong adaptability,diversity,learning,recognition and memory.Some models and bionic algorithms based on artificial immune systems show excellent information processing capabilities in practical applications.The artificial immune system has achieved some success in intrusion detection,but the artificial immune theory research is not mature enough.Some of the proposed detection models are not verified by actual data.In the process of researching network intrusion detection technology,there are major problems such as large amount of data,low detection rate and high false positive rate.Therefore,based on the existing research results,this paper makes relevant improvements and improvements for the insufficiency of the intrusion detection system,and studies the new network intrusion detection system.The main work is reflected in the following four aspects:1.The research background of the subject is firstly introduced,mainly including the origin of the subject and the main research contents,and then throws out the innovative points of this work.Then it briefly introduces the research of network intrusion detection based on machine learning.Then the theory of artificial immune system and common artificial immune algorithm are introduced.Finally,the shortcomings in the field of intrusion detection are analyzed,and the corresponding solutions are given.2.Aiming at the shortcomings of support vector machine(SVM)algorithm classification,a network intrusion detection model based on particle swarm optimization(PSO)to optimize the parameters of support vector machine(SVM)is proposed.In the data preprocessing part,one-hot coding is used to transform discrete data in the data set,and principal component analysis is used to reduce the dimension of features,which reduces the complexity of support vector machine and saves time.Using NSL_KDD data set,two-classification and multi-classification experiments were carried out,and the overall classification accuracy,detection rate and false alarm rate were compared with other machine learning methods.3.Aiming at the redundancy of detector set in traditional negative selection algorithm,an improved V-detector algorithm is proposed.Firstly,a detector generation algorithm with variable radius is set up.In the process of detector generation,the nearest self is added as a feature variable,which improves the efficiency of detector generation and reduces the redundancy of detector set.Then the hypothesis test method is selected when the detector termination condition is used to ensure that the detector's coverage of non-self space is consistent,which reduces the training time.Finally,a multi-level classification model is constructed by using an improved single V-detector classifier to solve the classification problem of multiple attack types in network intrusion detection.4.A new intrusion detection model is constructed by using an improved V-detector algorithm and a new artificial immune algorithm,dendritic cell algorithm.V-detector arithmetic comes from negative selection arithmetic,dendritic cell arithmetic comes from danger theory,and the combination of the two methods belongs to heterogeneous integration of different classifiers.The integration of the two single classifiers combines the advantages of the two classifiers and uses the principle of weighted majority voting to synthesize the classification results.This model is applied to the direction of network intrusion detection,which improves the recognition ability of unknown classes and reduces the false alarm rate.