
An Intrusion Detection System Model Based On Biologic Immune Mechanism For The Security Of 3G Communication Network

Posted on: 2009-07-30
Degree: Master
Type: Thesis
Country: China
Candidate: X G Fan
GTID: 2178360272976370
Subject: Software engineering
Abstract/Summary:
With the wide application of mobile communication technology in daily life and the evolution of the related networks, mobile communication services have developed from basic voice calls and messaging into Internet browsing, the transfer of multimedia data such as voice and video, and many kinds of specialized data services built on the mobile network. When the second generation mobile communication network could no longer meet the requirements of mobile network services, the third generation mobile communication network emerged on its basis. Compared with the second generation standards, the third generation standards offer larger system capacity and better communication quality, realize seamless roaming on a global scale, and place more emphasis on supplying a variety of mobile data and multimedia services. With the improvement of the third generation standards and the practical application of the Internet, the third generation standards have become the mainstream for subsequent communication standards.

While we enjoy the practical and convenient services of the third generation mobile communication network, the security of the mobile network has been put to the test: first came service theft, spam messages, and viruses and Trojan horses transmitted over the mobile network; then, because of the variety of mobile network services, the high bandwidth and the openness of service interfaces, threats that used to spread over traditional networks appeared on the wireless network. These ceaseless threats compel us to deal practically with the information security of the mobile network.
How to improve communication quality and offer a variety of distinctive services and wireless data services while effectively guaranteeing the security of information in the wireless network has become a key problem restricting the development of mobile communication technology.

The third generation mobile communication network was developed on the basis of the first and second generation mobile communication networks, so it has made great progress in security. Although security has greatly improved, there still exist potential security problems that are hard to overcome, namely those of the Internet Protocol. The defining character of the third generation network is the Internet Protocol, and the evolution of the Third Generation Partnership Project standards is likewise a course of convergence toward the Internet Protocol; that is to say, all traffic related to the third generation has to use the Internet Protocol as its bearer. The third generation core network has adopted an Internet Protocol bearer not only in the Packet Switched domain but also in the core network of the Circuit Switched domain, so that it can carry media streams and signaling between core networks. Moreover, if the dangers brought by the openness of the Internet Protocol network itself materialize, they will greatly affect the normal operation of the third generation network, which is borne on the Internet Protocol.

My research starts from how to strengthen the security of the third generation network. After studying in detail the transmission standards, network structure and network equipment of the third generation network, I construct a host-controlled network security model in accordance with the Internet Protocol, the dual-network structure of core and extension networks, and the structure of the main network units.

To address the potential security problems that exist in the second generation mobile communication system, the third generation mobile communication system provides more complete security features and assurance services.
For instance, it realizes Mutual Authentication, effectively prevents fake base station attacks and theft of service by simulated phones, and furnishes a security mechanism that provides complete protection of signaling link data and increases the key length to 128 bits. Yet these security services are by nature passive defensive measures, which can only remedy known security problems and have no effect on unknown ones. Therefore, constructing an active defence technology that can effectively tackle unknown security threats is another key point of my research.

The Intrusion Detection System (IDS), an active defence technology that has developed quickly in recent years, closely resembles, in both function and structural arrangement, the host-controlled network security model that I envisage; I have therefore used IDS as a reference in constructing the security model.

How to determine the standard database is a key point in constructing an effective Intrusion Detection System, and also a difficulty. For a closed single system, the standard database can be determined from the original state. For an open multi-system, however, the original state can only determine the self standard at one point; as the system exchanges and updates data, the definition of self is a dynamically changing quantity, and so is the standard database. How to distinguish self data from non-self data within the huge body of data is a precondition not only for correctly constructing the standard database but also for whether the Intrusion Detection System can meet its technical requirements.
The traditional way to construct a standard database was to build an initial database based on a large number of experiments, and then to update and maintain it manually according to practical operation and requirements. This reduces the timeliness and autonomy of the standard database and makes it hard to handle unexpected events, to say nothing of active defence.

In order to improve the self-defence capability of the system and to make full use of the standard database and matching strategy, I have introduced an artificial immune algorithm into the comparison function of the system's matching strategy. Its characteristics, such as dynamism, adaptability, robustness, self-adaptation, autonomy, self-testing and fault tolerance, can remedy the shortcomings of Intrusion Detection Systems in feature matching and system construction. Artificial immune systems have developed on the basis of immunology, especially theoretical immunology; the biological immune system is an example of a large-scale self-adaptive processing system, and it provides an excellent model for designing artificial immune systems. The natural immune system is a complex self-adaptive system that protects the human body from external pathogens and classifies all cells or molecules inside the body as either self cells or non-self molecules from outside.
This kind of classification is one of the important points studied and discussed in artificial immune theory and also a precondition for introducing the theory into intrusion detection systems, for which it provides a good algorithm for the feature matching strategy.

Having established a sound theoretical basis for the system, I used, in addition to the construction model of Intrusion Detection Systems, the structural model of immunity in the human body as a reference for the system's structural design, and built a centrally controlled, modular network structure that fits the arrangement of the third generation network well and provides a better structural basis for later updates.

In accordance with the characteristics of the third generation network and its structure, the thesis combines the active-defence advantages of new types of computers, Intrusion Detection Systems and network defence systems, and also draws on immune algorithms and existing immune models. Integrating the third generation network, the Intrusion Detection System and the immune model forms an intrusion detection system model for the third generation mobile communication network based on the immune mechanism, which provides integrated defence, active defence and defence against unknown threats, and ultimately improves the security of the third generation mobile communication network.
Keywords/Search Tags: third generation network, Intrusion Detection System, Artificial Immune Model