| With the development of network technology, the security problem of computer networks is becoming more important day by day. The problem mainly includes the information security in transmission and storage in network. Because the traditional network security techniques, such as FireWall, IA(Identification and Authentication) and so on, are passive defense, the intrusion detection technology is necessary. Nowadays, the intrusion detection is one important task which fulfills active defense to networks and information. IDS(Intrusion Detection System) is analogous to the IS(Immune System). The problem of protecting computer systems from malicious intrusions can similarly be viewed as the problem of distinguishing self from dangerous nonself(In term of IDS, self patterns represent acceptable and legal events; nonself patterns represent unacceptable and illegal events). Immune systems provide a naive template for researching and developing network IDS. So, the research of IDS inspired by biological immune system is one hot point after neural network and evolving calculation. The goal of the research is to solve network intrusion detection problem using immune principles, architecture and algorithms extracted from immune system. This dissertation spreads its discussions around the issue of network intrusion detection based on immunulogical principles. An immunnological model of distributed detection, called negative detection, is studied. The emphasis is on improving the method of intrusion detection and the negative selection algorithm. The primary works of the dissertation are as follows: (1) The statistical data indicates that there are high-frequency connections in LAN, and these connections is sparse. Based on the statistical data and its characters, the method of the negative detection is improved. The method for improvement is that a filter is constructed with these high-frequency connection patterns. It reduces the matching times, and improves the detection efficiency.(2)The negative selection algorithm is analyzed in detail and improved. The detectors generated by the original algorithm match each other. The improvement aimed at generating a set of detectors not matched each other, and increasing the coverage of the detectors at the same time. And the correctness of the improved algorithm is proved theoretically.(3)In addition, the comparison between the original algorithm and the improvedalgorithm is provided, and the experimental results indicate that the total coverage of the detectors generated by the improved algorithm is improved.Finally, the dissertation summarizes all the research work mentioned above and discusses the next work in this field.
|
PDF Full Text Request