| Popularization of computer and Internet make the information technology develop rapidly and promote social progress and human civilization. The problem of network security becomes the bottleneck of the technology development, the traditional firewall technology as passive defense method, it can't against attacks active. The problem was solved well when intrusion detection system appeared. Researches show that there are lots of similarities between biological immune system and intrusion detection system. The research of intrusion detection technology based on artificial immune theory is becoming a hotspot in recent years.Artificial immune system inspired by biological immune system has been applied in many aspects. There are some problems with the intrusion detection system based on traditional immune theory. With the deepening of the research, a new biological immune theory as danger theory is presented, now innate immune and adaptive immune would be introduced by artificial immune system. Researcher found that dendritic cells in the immune system plays an important role, therefore an algorithm inspired by dendritic cell functions was presented, based above some researches have been done in this paper.Firstly, further research with dendritic cells algorithm have been done. In the original algorithm dendritic cells were selected randomly when antigens and signals sampling, but these led the dendritic cells to be matured slowly, and cannot present antigens in first time. The strategy that selected dendritic cells selective was presented in the modified algorithm. In the original algorithm existed impact between antigens, these led detection to be rough. The concept of antigen impact factor was presented, and joined the modified algorithm. The result of experiment shows that the improved algorithm has high real-time anomaly detection capacity, the interference between antigens was reduced, and measuring accuracy was improved. And the modified algorithm was low CPU usage.Secondly, with the using of port scanning in the network attack, a solution of detection port scanning based on dendritic cells algorithm was proposed. The design and realization process of the application with dendritic cells algorithm were showed. Different test scenarios were presented in the experiments. The result of the experiments showed that this system have highly true positive rates and robustness when detected ports scanning behaviors, reflected the superiority of the dendritic cells algorithm. |
PDF Full Text Request