The Research On Enganced Cost-Based Auto Intrusion Response Systsm

With fast development and popularity of Network, Internet becomes more indispensable in modern society. The security of Internet is very important, more and more computer virus and hacks attract people's eyes.The intrusion response system becomes very important. The study of defense are mainly in detecting the intrusion. Intrusion detection as an important way to safety, it can provide the capability of finding the intrusion events timely. Of course, the aim of protection also includes intrusion response. However, the response means is mainly manual response, so the capability of response is limited in time, and this method is not so effective to automatic attacks. This situation needs imminently automatic intrusion response technologies.Now, the study of automatic intrusion response system is at elementary period, relavant technologies are not so mature. The response tactics usually use the modle which bases on classification, so it considers simply determinative factors, and the reasearch is nearly blank in how to use the feedback to adjust tactics, therefore, the effect and rationality are not so fine.The paper is researching on auto-intrusion response system and provides a new modle. The primary work is as follows:First, two key contents of the response decision are solved by AHP and Least Square Method, which builds decision modle with strong pertinence, effective validity, low cost and negative effect. Moreover, Choices of the best response tactics and whether it response or not are analysed, which is based on the theory of SVM and analysis of historial datas. Meanwhile, it evaluates the cost of aim-action- tactic.After responsing the primary intrusion, conception of regulating response effect is presented, Making the safe-guard system more resonable by adjusting automatically the unreasonable primary response.Second, System design and method develop the work by C language. An intrusion response system with consummate function is got by designing the databank. Testing the abundant datas in the experiments which simulate the intrusion and analysing possible problems, the paper applies with cherish experience and farther direction.