| With the rapid development of computer and network technologies, computer system has been developed to a complicated and interconnected opening system, which results in more serious problems of intrusion detection. The basic function of biological immune system is to recognize self and nonself, and then to classify and eliminate nonself,which has a lot of similarities with IDS system, and it make the immune system offer a natural research template for Intrusion Detection. Biological immune system of adaptive, self-learning, self-organization process of active defense for the intrusion detection to provide a new way of thinking, traditional intrusion detection methods can no longer meet the needs of a modern complex network security, how to network computers and illegal acts active and effective defense suppression, computer security has become an important problem demanding prompt solution.The hybrid BP and leaky bucket neural network model that can be employed for both anomaly detection and misuse detection is presented in this paper. The IDSs using the hybrid neural network can detect temporally dispersed and possibly collaborative attacks effectively because of its memory of past events. The BP network is employed as a real-time pattern classification and the leaky bucket is employed to restore the memory of past events. The outputs of BP network is the inputs of the leaky bucket. The IDSs using the hybrid neural network are evaluated against the intrusion detection evaluation data sponsored by U.S. Defense Advanced Research Projects Agency (DARPA). Experimental results are presented in ROC curves. Experiment shows IDSs using this hybrid neural network improve the detection rate and decrease false positive rate effectively. |
PDF Full Text Request