| Intrusion detection plays an important role in the field of network security.Intrusion detection system can monitor the host, network and applications thoroughly.Meanwhile, it can identify and response the intrusion to provide testing for internaland external attack or user’s wrong operation. Therefore, intrusion detectioneffectively makes up for the disadvantages of traditional safety technology. Theintrusion detection technology is a passive detection mechanism. When the invasionactivity has occurred or the system has been destroyed, the detection system in thecase of manual intervention can detect the invasion activity. Then, the securitymanagers respond to the invasion activity according to the characteristics of theinvasion and intrusion purposes. Intrusion detection is the lack of adaptability andinitiative.Aiming at the defects of intrusion detection, the autonomic computing technologyis used in the intrusion detection. A proactive intrusion detection model withautonomic characteristic is proposed in this paper.(1)Thorough research of intrusion detection’s principles is conducted. Theadvantages and disadvantages of the present technologies and methods used inintrusion detection are compared and analyzed. The key factors that affect intrusiondetection systems’ performance indexes such as accuracy, completeness, faulttolerance, timeliness and detection are practically studied.(2)Aiming at the defect of passive detection mechanism in traditional intrusiondetection systems, a proactive intrusion detection model with autonomic characteristicis proposed in this paper. This model is based on autonomic manager and integratesmulti-attribute Auction Mechanism into Agent coordination layer for perceiving thechanging of the systems environment, adapting configuration management.Experimental results show that the model can enhance the system’s self-adaptiveperformance and obtain higher detection accuracy. (3)An Intrusion Feature Extraction Algorithm Based on Autonomic Computing isdesigned. Aiming at the problem of intrusion detection algorithm’s low processingspeed caused by the redundancy information of high dimension intrusion detectiondata, by combining autonomic computing technology based on utility function andparticle swarm optimization algorithm, the intrusion feature extraction algorithm basedon autonomic computing is proposed.According to the high-level strategic knowledge, the proactive intrusion detectionsystem with autonomic characteristic can quickly detect intrusion in the case of lessintervention by manual. The system will autonomous detects and responds forintrusion. |
PDF Full Text Request