论文标题:基于免疫机制的入侵检测系统研究
The Research of Intrusion Detection System Based on Immune Mechanism
论文作者
论文导师 段友祥;张国平,论文学位 硕士,论文专业 计算机应用技术
论文单位 中国石油大学,点击次数 79,论文页数 93页File Size746K
2007-04-01论文网 http://www.lw23.com/lunwen_102557467/
Artificial Immune;; Intrusion Detection;; Affinity Algorithm;; System Model
随着信息化时代的到来,网络信息安全问题变得日益重要。入侵检测技术作为防护计算机网络安全的一个重要措施,成为当前信息安全领域的研究重点。生物免疫系统与入侵检测系统在保护自体方面有天然的相似性,生物免疫系统保护肌体免受各种侵害的机制为入侵检测系统的设计提供了新的思路,基于免疫机理的入侵检测系统研究已成为入侵检测领域研究的前沿课题。 介绍了基于免疫机制的入侵检测系统产生和发展的历史过程及现状,概述了入侵检测系统、生物免疫系统、人工免疫中的有关概念、机制和算法。总结了人工免疫在入侵检测系统中应用的关键技术和问题。对LISYS系统作了分析。针对模式匹配是当前入侵检测所使用的主要检测技术,提出了一种改进的单模式匹配算法,实验证明改进的算法加快了模式匹配的速度。分析了目前亲和力计算方法的缺陷,提出了分段加权的亲和力算法,在经典数据源上的实验证明了该算法具有较低的的误检率和漏检率。对漏洞问题提出了修改规则的改进思路和算法步骤,同时对动态克隆选择算法提出了改进模型。最后,提出了一个改进的基于免疫机制的入侵检测系统模型,并进行了实验测试。
With the arrival of the information era, information security has become increasingly important. As an important method to insure computer security, intrusion detection technique has become the current focus of research in the field of information security. Biological immune system and intrusion detection system are similar in the field of natural protection. The theory that the immune system can protect body from invasion provides a new thinking to the design of intrusion detection system. Intrusion Detection System based on the immune mechanism has become the leading issue of research in the field of intrusion detection. We introduced the emergence and development of the historical process and the status quo of the intrusion detection system based on the immune mechanism, and gave an overview of the concept, mechanism and algorithm of intrusion detection system, biological immune system and artificial immune system. We summed up the key technology and problem about artificial immune system which is applied in the field of intrusion detection system. We analysed the LISYS. In view of pattern matching is a mainly detection technology used by intrusion detection system, We proposed an improved single pattern matching algorithm. The experimental results show that the algorithm can improve the efficiency of pattern matching. We analysed of the shortcomings of the current calculation method of affinity, and gave a weighted affinity algorithm of subparagraph. The experiment implemented on the classic data source proved that the algorithm has a lower false negative and false positive. We proposed an improved idea of amending the rules to the loopholes, meanwhile we gave an advanced model of DynamiCS. Finally, we proposed an improved Intrusion Detection System model based on immune mechanism and verified it by experiments.
|
