| Most traditional intrusion detection systems (IDS) are based on expert system, lack of adaptive capability and can't detect unknown attacks effectively. Artificial immune systems (AIS) are computing systems, inspired by theoretical immunology and observed immune functions, principles and models, which are applied to problem solving. IDS and AIS have strong similarities in many features. Applying AIS to intrusion detection can improve the efficiency of intrusion detection.Followed by a detailed explanation of the biological mechanisms in artificial immunology, an IDS model based on AIS is proposed, which consists of three subsystems and a control center, and has good interaction. The design of subsystem is based on immune danger theory and fuzzy association rules mining.The core mechanism of subsystem is collaborative detection with multi-level detectors and danger signals. In order to construct accurate, self-learning, adaptive detectors, this system combines the fuzzy association rules mining and immune memory theory to construct primary immune detector and memory detectors, and also the eliminating and updating mechanism of detectors is given by learning from clonal selection theory, which effectively solves the problem of excessive self library in SNS model. Meanwhile, a dendritic cell based algorithm to sense danger is presented. Through signals correlation and quantitative calculation of the intensity of danger signals, the system can determine whether it is in danger. It improves the detection ability of unknown attacks. Experiments show that the new detectors have a better detection rate with high adaptability and self-learning ability than the SNS detectors. |
PDF Full Text Request