Research Of Intrusion Detection Model And Algorithm Based On Immune Principles

The security problem of computer networks is becoming more and more important.Intrusion detection technology is important research task which fulfill the active defense to networks.Intrusion detection system has so similar function with immune systems that it could provide a naive template for R&D network intrusion detection system.The goal of this research is to solve network intrusion detection system problem using immune principles and algorithm extracted from immune system.The primary contributions of this dissertation are as follows:(1)Design of a network intrusion detection model based on improved DynaniCS.Firstly,describe the problem of intrusion detection strictly by set theory. Secondly,design the new intrusion detection model based the immune principles. Then researching and analysing the architectural framework,the work principles and the primary features and problem of this model.(2)Described the algorithm of the detector tolerance modules and intrusion detection module which are main modules of the dynamic network intrusion detection.Intrusion detection module is the key module,and its algorithm is based on the dynamic clonal selection algorithm(DynamiCS) proposed by Kim and Bentley in 2002,in order to improve the detection rate and reduce the false alarm rate and Undetected rate of the system,the content of this article are as follows:Improvement of the r-continuous-bit algorithm.Affinity calculation is a key part of the model,Affinity calculation directly affects the efficiency and complexity of the model.for the shortcomings of r-continuous-bit matching rules,this paper proposed an improved r-continuous-bit algorithm calculation the Affinity.Introduction of Controllable variation and random variation.Controllable variation can improve the dynamic clonal selection algorithm,selecte the better high-affinity variants into the memory detector bank,and they dominate the immune response.The introduction of random variation can eliminate the Local extremum in the affinity spectrum,the antibody affinity changes in a wide range of search,so that variation can be to cross the Local extremum and towards to the greatest affinity points.the introduction of dynamic memory detector demotion mechanism,using the least recently(LRU) algorithm for dynamic demoting,the purpose of intrusion detection system is to improve the dynamic adaptability.For those who have lost their ability to detect high-detection device,according to a recent match to the unusual time,out of a certain proportion,so the collection can be created to accommodate new memory detectors,expanding the range of detector.(3)Validation of usability and creativeness of the model using numericsimulate technology.Firstly,put forward the aim of test.Secondly,build theneeded datasets of simulate test.