Research On Intrusion Prevention Based On Immune Agent And Particle Swarm Optimization

With the development of the network technology, the high-speed network technologybecomes universal, the network security technologies we used, such as firewalls, intrusiondetection systems, etc, can not meet the network security needs. Intrusion prevention system,as a new network security technology, is paid great attention by researchers in the networksecurity field and becomes a hot research topic now.By studying in the intrusion prevention model, An intrusion prevention system basedon immune agent and particle swarm optimization is proposed in the paper. It is divided intothe central control module, detection system module, response system module and messageregister module. The function and working principle of every module is presented andadaptive response system is instructed. And the detection system module is the key of thesystem. But the low detecting rate and the detecting speed bottleneck is its shortage. Tomeet the development of the high-speed network and improve the detection performance ofthe system, the high detection rate and high detecting speed of the detection system isfocused in the thesis.Biological immune system owns self-protection mechanism, and can identify self andnonself. It is a hot research topic in the field of network security and artificial immunesystems. The functions of self-learning, active memory, select Clone and matching thresholdis its advantage. That is needed in the detection system. Immune mechanism of Biologicalimmune system is used in detectors, Which includes three stages of auto-tolerance, immuneresponse, immune feedback.Mobile agent is the self-controlled producer that moves autonomously from one nodeto another in the network to finish the set work. The place that mobile agent is executed isnot limited. Mobile agent will move to another without closed when the needed data iscollected and treated on the host. The data segment and stack of the ex-progress is saved inthe system, so the network communication is reduced, and the bandwidth is also saved.Leading the data that it obtained is more comprehensive and exactitude.Quantum-behaved Particle Swarm Optimization owns global convergence, fastconvergence, optimization capability and so on. In the immune system, antibody is matchedantigen one on one without sharing information. Although the full use of its own historicalinformation, it ignores the information among antibodies, leaving the low convergence rate in the detection process. In the paper, QPSO is combined with immune algorithm toimprove the matching speed and the matching accuracy. All these three techniques are usedin the detection system module, immune agent unit based on immune agent and particleswarm optimization is proposed, and the function of agent in each module is achieved.Detection system module based on immune agent and particle swarm optimization isthe key of the intrusion prevention system, the proposed algorithm was simulated withKddcup99data set. And some of the design parameters are discussed. The experiment resultindicates that the algorithm has high detection rate and high detecting speed.