| The advent of computer network technology has not only promoted the progress ofnatural science, but also stimulated the development of human society. No matter atwork or in entertainment, even in consumption, people are closely connected withcomputer network. At the same time, the security problem of network is becoming moreand more severe. There are so many viruses on the Internet and the hackers becomemore rampant. A variety of Internet fraud comes out frequently. In this situation, how toprotect network users’ security has become a hot research topic.Throughout the history of development of human science and technology, manyinventions and new technologies are the results of people’s studying on the functions ofbiological systems. Such as airplane, radar, submarine, and vibratory gyroscope, etc.The biological immune system has attracted many network security researchers becauseof its excellent characteristics, e.g. tolerance, immune memory, distribution, diversity,robustness and adaptability. Those researchers hope to apply these characteristics intothe study of network security.This thesis is completed by the inspiration of biological immune system. Learnfrom the functions of immune cells and the characteristics of biological immune system,a novel intrusion detection method is proposed. The method is improved compare totraditional intrusion detection methods. The advantages are mainly reflected by thegeneration method of the detector. Traditional intrusion detection method usually uses a"Self" set to train detectors; those detectors which pass the training are considered to bemature detectors and used to detect unknown data. However, the method in this thesis isdifferent. Those mature detectors which passed the self-tolerance training are classifiedinto3kinds of detector-common antibody, effective antibody, and memory antibody.The common antibody is same as the detector in traditional ways, it only passesself-tolerance training. The effective antibody and memory antibody have to pass thetraining of known anomaly data. In this thesis, a specific model of the biologicalimmunity based intrusion detection method and an antibody generation method aredesigned. Meanwhile, an optimization method for antibody is designed. The performance of the detection system proposed in this thesis is better than traditionalmethods. The true positive rate is high and false positive rate is low.The main research contents and innovations are as follows: Take biologicalimmune system as basis, refer to the action mechanism of memory cell, a biologicalimmunity based intrusion detection method is designed, and a specific model of themethod is established. Three kinds of detector-common antibody, effective antibody,memory antibody-are designed on the basis of traditional intrusion detection method.The generation method and optimization method of the memory antibody are given. Themethod proposed in this thesis is tested in a simulation with data from KDD99dataset,and the advantages of this method are confirmed. The factors affecting the performanceof the detection model are analyzed with a verifying simulation. |
PDF Full Text Request