| All kinds of virus,Trojan and rogue software which are based on decompilation technique,embedded drive theory and rogue software have brought serious threat to the network users' privacy and property safety.In order to give people a safe and healthy network environment,intrusion detection technologies based on a variety of theories came into being.In view of the high robustness,adaptability and ability to repair itself in the biological immune system,intrusion detection technology based on artificial immune theory has become a new direction technology in the field of network security.Immune intrusion detection technology is a kind of misuse detection method that the detection target is divided into self and non-self.The negative selection algorithm and clonal selection algorithm are used to generate and train the mature detector respectively.The network data traffic is identified by the mature detectors.New mature detectors are generated by real-time distinguished normal data traffic to ensure system's dynamic adaptive.Mature detectors' detection capability is implemented by iterative training in the cloned selection algorithm in order to improve the their performance of the mature detectors and the level of detection system simulated biological evolution.Not only do immune intrusion detection system identify the network behavior,but also has a good self-learning,self-renewal ability.The sample selection by affinity accumulation strategy will result in the high overlap of sample detection range and limit iteration efficiency.This paper presents a clonal selection algorithm under the multi-objective optimization theory.The results of parent and progeny for antigen are recorded into tag vector in this algorithm.The mature detectors are mapped into the next generation by the computed Pareto non dominated vector.New mature detectors were added to ensure the fixed population size,while high frequency variability and self tolerance were performed on the dominated detectors.This algorithm can effectively improve the efficiency of population evolution,increase the diversity of population and improve the detection rate of the system.In view of the theory of multiple objective programming have a good effect in multiple classification problem.This paper presented a multi-objective planning algorithm for anomaly detection combined with support vector machine.Multiple classification space is directly planned for different classes of training samples,and the problem of antigen classification is transformed to problem of multivariate function conditions.By Lagrange multiplier method,the score vector of training set is obtained.According to the inner product of vector and detection samples' scope,the test sample is identified.Experiment shows this method solves the limitation of SVM single multidimensional surface for multiple classification problem and has less training time. |
PDF Full Text Request