| The technology of intrusion detection is used to detect violations of security policy in computer network technology,which is an effective supplement of the firewall technology and the traditional network security defense technology such as information encryption technology.However,there is poor adaptability,low detection efficiency,ignoring of unknown attack fatigue,and poor performance of rules updating defect in the exsiting intrusion detection system.Biological immune system has highly adaptive,self-organizing,self-learning and feature extraction ability,which attrackswidespread concern of network security experts,forthe information processing mechanism has high degree of similarity between the biological immune system and intrusion detection.The organic integration of artificial immune theory and intrusion detection technology creates a new research hotspot in the field of network security,which effectively improved the problems of the intrusion detection technology.Based on the study on the domestic and foreign research status,the thesis deeply study the information processing mechanism of the intrution detection based on the theory of the immune and analyzes the defects of the existing intrusion detection system based on artificial immune theory.The main contributions are as the follows:First of all,improving detector generation algorithm proposes a randomly generated and gene library combining algorithm,optimizes the detector updating scheme,using the updated genetic type of detector to generate new effective detector.It not only decreases the loss of the system resource,but also effectively enhances the detection performace.Secondly,improving the r-adjacent matching rules,this paper puts forward a dynamic r-adjacents matching rules based on weight of the bit to make the intrusion detection adapt to the actual situation.Thirdly,the paper proposes a dymanic anomaly detection model,which applies protocol analysis technology to effectively test different message attack of the protocol type,to make intrusion detection more specific.Fourth,optimizing the synergistic stimulation,through protocol analysis strategy to improve the adaptability and the ability of automation of the model,reduce the manual invervention.In this thesis,we perform a simulation experiments on MATLAB by applying KDD-CUP99 dataset and setting reasonable paramenter to demonstrate the feasibility and effectiveness of the improved algorithm and the modified model.The experimental results show that the improved detector generation algorithm has lower time complexity.The improved dynamic anomaly detection method can effectively improve the detection rate and reduce the false rate. |
PDF Full Text Request