Nowadays, with the development of computer and network technology, computer systems have evolved from stand-alone systems into complex, interconnected, open-ended ones, which makes the problem of intrusion more and more evident. To protect system resources, an active defense mechanism distinct from antivirus software needs to be established.

Intrusion detection is an active defense measure that monitors the dynamic behavior characteristics of a network or computer system and examines whether any intrusion has occurred. As an important means of ensuring the information security of computer networks, intrusion detection technology is one of the hot spots in the information security field. The mechanism of an intrusion detection system (IDS) is similar in nature to the biological immune system, which offers a major approach for IDS research. IDSs based on immune principles have developed significantly, but some problems remain.

In the system model, mutations of known intrusions, unknown intrusions, and low detection rates have been the problems affecting the performance of intrusion detection systems. Whether the detection rate is high or low is determined by the performance of the detectors. Detectors in the system are generated by the Negative Selection Algorithm (NSA), but these detectors overlap, which seriously reduces the space the detectors cover and lowers the detection rate.

To solve these problems, this article proposes a new intrusion detection algorithm that improves on the original NSA. The original NSA matches received data using the r-contiguous matching algorithm with a fixed value of r. It has also been used with a variable-r version of the r-contiguous matching algorithm, but the detection rate was still limited, which is why this paper proposes a new improved algorithm.
The new algorithm is based on the NSA. First, it improves the number of mature detectors using the r-contiguous matching algorithm; second, it adds a variable threshold value to produce effective mature detectors. The variable-threshold algorithm is based on fuzzy theory, which can reduce the number of boundary detectors, thereby improving the whole system's detection rate and producing more valid detectors.

Lastly, with the new NSA, the detection rate increased, the omission rate decreased, and the running time was shortened. On the whole, the new algorithm is better than the old one.
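
The baseline the abstract starts from, as an added example that is not the paper's code: the classical NSA with fixed-r r-contiguous matching, plus a measurement of how much new space each detector covers, which exposes the overlap problem described above. The 8-bit self set, the function names and the parameters are assumptions made for illustration; the paper's fuzzy variable-threshold step is not reproduced.

```python
import random

# Constructed sample data: 8-bit "self" (normal) patterns, not from the paper.
SELF = ["00000000", "00001111", "11110000", "00111100"]

def r_contiguous_match(a, b, r):
    """True if equal-length bit strings agree in at least r contiguous positions."""
    run = 0
    for x, y in zip(a, b):
        run = run + 1 if x == y else 0
        if run >= r:
            return True
    return False

def generate_detectors(self_set, length, r, count, seed=0, max_tries=10000):
    """Negative selection: random candidates that match any self string are
    discarded; the survivors become mature detectors."""
    rng = random.Random(seed)
    detectors = []
    for _ in range(max_tries):
        if len(detectors) == count:
            break
        cand = "".join(rng.choice("01") for _ in range(length))
        if cand not in detectors and not any(
                r_contiguous_match(cand, s, r) for s in self_set):
            detectors.append(cand)
    return detectors

def is_intrusion(sample, detectors, r):
    """A sample is flagged when any mature detector matches it."""
    return any(r_contiguous_match(sample, d, r) for d in detectors)

def marginal_coverage(detectors, length, r):
    """Per detector, the number of strings it matches that no earlier detector
    matched, plus the total covered. Small gains indicate overlapping detectors."""
    covered, gains = set(), []
    for d in detectors:
        hits = {s for s in (format(i, f"0{length}b") for i in range(2 ** length))
                if r_contiguous_match(s, d, r)}
        gains.append(len(hits - covered))
        covered |= hits
    return gains, len(covered)

if __name__ == "__main__":
    dets = generate_detectors(SELF, length=8, r=4, count=10)
    gains, total = marginal_coverage(dets, 8, 4)
    print("detectors:", dets)
    print("new strings covered by each detector:", gains)
    print("covered %d of 256; self flagged: %s" % (
        total, any(is_intrusion(s, dets, 4) for s in SELF)))
```

Each 8-bit detector matches 48 strings at r = 4, so ten detectors would cover 480 strings if they were disjoint; the per-detector gains show how much of that is lost to overlap.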