Research On Intrusion Detection System Based On Immune Theory

One of the central challenges with computer security is determining the difference between normal and potentially harmful activity. For half a century, developers have protected their systems using rules that identify and block specific events. However, the nature of current and future threats in conjunction with ever larger IT systems urgently requires the development of automated and adaptive defensive tools. A promising solution is emerging in the form of biologically inspired computing, and in particular artificial immune systems (AIS). The human immune system (HIS) can detect and defend against harmful and previously unseen invaders, so can a similar system be built for our computers?As an initiative safety technique of information, the IDS (Intrusion Detection System) can fetch up exceedingly the disadvantage of tradition safety technique information. The IDS can improve the secure ability of system and reduce the menace to the stem by setting up a dynamic secure circle. Among these various areas, intrusion detection is vigorous research areas. Currently many network-based intrusion detection system have been developed using diverse approaches. Nevertheless, there still remain unsolved problems to build an effective network-based intrusion detection system, for example, the inconsistencies of detection speed of intrusion and the pace of development of internet, signatures database don't auto-update and both abnormal detection and misuse detection have drawback. As one approach (embed artificial immune system in intrusion detection system) of providing the solution of these problems.In the context of the inspiration by immune system mechanisms and the practical necessity of solving complex problems, the artificial immune system (AIS) is created by computer scientists. Artificial immune systems (AIS) constitute a relatively new area of bio-inspired computing. Biological models of the natural immune system, in particular the theories of clonal selection, immune networks and negative selection, have provided the inspiration for AIS algorithms. Moreover, such algorithms have been successfully employed in a wide variety of different application areas. However, despite these practical successes, until recently there has been a dearth of theory to justify their use. On the one hand, there are not sufficient theories and algorithms about AIS because it is a new subject branch. At present, there are the artificial immune network model based on the immune network theory, the negative selection algorithm based on immune specialization and clonal selection algorithm based on clonal selection theory. On the other hand, because of a limited view of the immune system, there exist many challenges for AIS, which includes:(1) the AIS field has reached an impasse due to the lack of innovation; (2) the lack of theoretical underpinning in AIS field; (3) attention should not only be paid to the potential of the immune system as inspiration, but also other systems with which the immune system interacts, in particular the neural systems and endocrine system. So the novel AIS algorithms may be developed; (4) it is time to greatly interact with immunologists and mathematicians to undertake specific experimentations in order to view the immune system deeply, and create useful models, all of which can be used as a basis for abstraction into powerful algorithms.The main research works of this dissertation can be summarized as follows:1. The current advance in biological immunology, including the structure of immune system, the principles of immune system and the latest immune theories and models, are investigated.2. The advance in AIS, including the structure of AIS, three theories about AIS, and three self-adaptive-immune-system-based algorithms, that is, negative selection algorithm, clonal selection algorithm and immune network algorithm, are studied.3. Clonal selection algorithm is the basis of my system. The paper improved the selection mechanism of clonal selection algorithm by negative selection algorithm improved. Negative Selection Algorithm is widely applied in Artificial Immune Systems, but it is not fast enough when there are mass data need to be processed. The paper improved the efficiency of Negative Selection Algorithm by Aho-Corasick multi-pattern matching algorithm. Experimental results demonstrate that the time complexity of this algorithm when processing an input string of length 1 is O(l).