Research And Design On Interaction System Of Intrusion Detection Based On Artificial Immune And Firewall

With explosive development of the Internet, it brings the human society, economy and culture infinite opportunity, meanwhile, it also brings an austere problem, i.e. network security problem. In order to protect network security, people adopt a series of network security components, such as intrusion detection system, firewall, anti-virus software and traffic monitoring. But, the attack techniques are getting more and more sophisticated, attack events are becoming more and more frequent, and obtaining attack tools is easier. Many important resources may be destroyed by these attacks. Those conventional network security systems can meet requirements partly, but they have some deficiencies in whole system security. More and more new technologies are applied to the field of network security.Artificial immune system is an intelligence method of imitating the function of natural immune system. It can make up the disadvantage of intrusion detection system that possesses the low accurate rate and high efficiency of fail report and misinformation. The artificial immune has great significance to detect the variation of known intrusion and the unknown intrusion.Security interaction is a communication mechanism between security products. It can improve the cooperation among the security modules and system security in network environment. Now the interactin of intrusion detection system and firewall is a hot issue of prevention technique research. This technique united conventional network security mechanism and intrusion prevention mechanism in order to insuring system usability.An interactive system of intrusion detection system based on artificial immune and firewall, which called IIFS, is designed in this paper. This system regards Snort rules as the gene library and generates new detector in an improved dynamic clonal selection algorithm to detect network intrusion. When alert information produced, the interaction control platform generates the BlackICE firewall action in order to ensure the whole system security. When analyzing the performance of IIFS by test, Experimental results show that IIFS can detect the variation of known intrusion, response to attacks automatically, and has certain adaptability.In this dissertation, we first introduce the situation of network security, the domestic and foreign research actualities, the purpose and meaning of this research. Then we discourse upon the technologies of biological immune system, artificial immune system, intrusion detection, firewall and security interaction. After that we design the IIFS and anatomy the realization of all the modules. Finally, a summary is given and the future research directions are also pointed out.