| Nowadays, human beings have entered into the network age. However, they have to confront the severe information security problem while they benefit from the tremendous chances bringed from information revelution.As an important brance of information security field, the tranditional Intrusion Detection System (IDS) exists quite a few shortcomings. However, the immunological IDS presents a new approach for the study of intrusion detection.Immunological intrusion detection system (IIDS) is the hotspot of the research area of information security in recent years, exploring natural immunological theories, mechanisms and principles for detecting and reacting to intrusions. The thesis is dedicated to negative selection model and its application to intrusion detection.Firstly, this thesis introduces the research background and significance following with the basic knowledge of intrusion detection including the classification and principal analysis methods etc. of intrusion detection. Finally, it points out the research content of the thesis.Next, the immunological mechanism and basis characters of BIS are introduced. Then the definition, study situation, and applied flow of AIS are also introduced and the application of AIS tointrusion detection is discussed finally.Then this thesis studies the negative selection model of IDS in details. And this chapter is the foundation of the whole thesis including the definition, of Self, detection rules, the generation algorithms of detector set. Finally, the representation and characters of detector set are analyzed deeply, including the size and generation retries of detector set etc. and multiple representations on the model are also discussed.In the above content, this thesis presents a new detection rule, that is, edit distance detection rule, and based on which a new efficient generation algorithm of detector set is also presented. And through theoretical analysis, it is proved that the new algorithm has the advantage in time and space complexities over other generation algorithms based on other detection rules such as Hamming and rcb. They all are the theoretical innovation of the thesis.On the basis of the work of Hofmeyr et al, this thesis designs and establishes a prototype archtechture of immunological IDS abbreviated to IIDS. IIDS is an anomaly network IDS for LANs and is highly distributed and robust. The thesis improves the design of Hofmeyr et al on both experimental circumstance and the data structure of data pair, which is the experimental innovation of the thesis.
|
PDF Full Text Request