Research On Intrusion Detection Model Of Multi-layer Immune

With the continuous development of network technology and network application, the network security has become a spotlight. Nowadays, the traditional network security techniques can hardly deal with all kinds of network attacks. As an important component of network security architecture, the intrusion detection system effectively remedies the deficiencies of the traditional security techniques. Because the biology immune system has many desirable characteristics such as distribution, robustness, self-adaptability, diversity and so forth.These characteristics are just what we expected to get from the intrusion detection system.Naturally, many researchers employ artificial immune principle in the intrusion detection systems.The research on intrusion detection system based on biology immune principle has become a hot spot of network security in recent years.In this paper, author deeply studies the current intrusion detection technology, for the problems and shortcomings of traditional intrusion detection technology, combined with the biological immune principle, proposed a new intrusion detection model of multi-layer immune. The model is based on the multi-layered defense structure and interaction of immune system, using a two-tier structure, the first layer is the inherent detection layer, based on the innate immunity principles of biological immune system,the second layer is the adaptive detection layer ,based on the adaptive immune principles of the biological immune system. This article designs and analyses the working mechanism of the model and the working principle of each module in detail.The detect rate of intrusion detection system is mainly decided by detector coverage to non-self space, while the negative selection algorithm is mainly adopted by generation of system detector, but the detector generated by the algorithm has a lot of superposition which influences seriously the overlay space of the detector and imperfect coverage to non-self space, so the detect rate is reduced. To address these issues, the article research on detector generating algorithm and coverage based on biological immune, put forward an improved variable radius of real-valued negative selection. The algorithm modifies the variable radius of real-valued negative selection algorithm, using classification method to generate detectors and increasing the coverage of non-self-body regions for detectors.Finally, the experiment uses the KDD Cup 1999 data set as the test data of intrusion detection system. The experiment results show that the detector can be can be very good coverage nonself regions, thus enhancing the system's detection rate.