Study On Multi-Agent Intrusion Detection System Based On Artificial Immune Principles

The only road in the future of enterprises is the Electronic Commerce. With more and more corporations make their core business on-line, the network security is becoming an important question at present. The traditional secure methods are not adaptable to the more and more complex network situation any more. Under the circumstances, the intrusion detection as a kind of more diverse and more depth safeguarding mechanism becomes a key research area of the network security. However, the present intrusion detection system (IDS) has so many shortages and faces so many challenges that J.Kim and P.Bentley put forward the request of the next IDS.It is a novel and promising way to construct IDS which incorporates many properties of the natural immune systems, including accuracy, lightweight, robustness, diversity, adaptability, scalability and distributability. Early from 1987, when the term of "computer virus" was introduced, it has been noticed that there are many similarities between computer security systems and biological immune systems. However, after so many years, the mechanisms which have been employed in the computer security and network security are still the artificial immune principles. The work of Forrest, Dasgupta and Kim is important in the study of the IDS based on artificial immune principles.The purpose of the research includes: (1) have a good grip of the principles and mechanisms of the immune system, in particular that can be applied in the IDS;(2) have an analysis of the Negative Selection Algorithm (NSA), and put forward a kind of clone selection algorithm base on immunity;(3) realize a kind of multi-agent IDS based on the artificial immune system, including the central server, detector agent, communicator agent, decision agent and so on. The agents work synergistically to realize the fast and real-time intrusion detection; (4) test the IDS in order to verify its superiority in detection performance.The main work and contribution of this paper includes:Firstly, this paper presents the existing literature with the intrusion detection system, introduces the basic concepts, history, present technology and the state of research and development, points out the shortage and challenges of present IDS, and illustrates the request of the next IDS.