| Nowadays, the Internet has been developing rapidly. However, the realities that attacks lunched by hackers become more and more, and the techniques they use become more sophisticated, make the network security under a severe pressure. The techniques developed to protect the network have a bad performance when confronting sophisticated attacks, especially the intrusions have never occured before , because of the lack of adaptability and dynamics.The biological immune system is successful at protecting the animal body against a vast variety of foreign infectious. A growing number of computer scientist have carefully studied the success of this competent natural mechanism and proposed computer immune models for solving various problems including fault diagnosis, virus detection, and mortgage fraud detection.Among these various areas, intrusion detection is vigorous research areas. The main goal of intrusion detection is to detect unauthorized use, misuse and abuse of computer systems by both system insiders and external intruders. Currently many network-based intrusion detection system have been developed using diverse approaches. Nevertheless, there still remain unsolved problems to build an effective network-based intrusion detection system. As one approach (embed artificial immune system in intrusion detection system) of providing the solution of these problems.More and more researchers working on network security start to apply the mechanisms derived from biological immune system into IDS due to their adaptability and dynamics, and some significant successes are gained. However, the once definition of normal and abnormal activities makes these Immune-based IDS not adaptive in the real network environment. Moreover, the lack of descriptions for quantitive in some Immune-based ID models makes them difficult for engineering application.The main work in this paper is that a new immune based dynamic intrusion detection model is proposed. In this model, the immaturity detector is made by the method of the aberrance of self or nonself, the immaturity detector made by; this method has stronger pertinence and higher rate of survival. The new model adopt the method with integrate of detect based on misuse and detect based on abnormity, it overcome the defect of used single technique, and improves the detect efficiency of system. In addition, the definition of self used a dynamic process, and this self set can reflect the normal data of network more all-sided, and it overcome the low percentage of coverage detect for self muster.At last, simulation experiment for this new model is did, through the analysis of the result for simulation experiment, it proves that the new model and method has higher rate in making matured detector than the traditional model and method, and the new model also has higher detecting rate on intrusion detection. |
PDF Full Text Request