基于人工免疫的新型入侵检测系统研究
分析研究了人工免疫原理在网络入侵检测中应用的可行性,结合人工免疫模型和数据挖掘技术建立了一个网络入侵检测系统模型。对抗体生成过程中的关键算法进行了描述。为克服在抗体生成阶段由于采用遗传算子导致时空效率不佳的缺陷,将数据流分割成字符串集合,根据数理统计原理,讨论了分割参数和检测器数目的选定,使它在通用性、鲁棒性上具有优势。
The feasibility of applying arTIficial immune theory in intrusion detecTIon system is Analyzed, establishes a model combining arTIficial immune theory and data mining technique is estoblished. Based on the staTIstical theory, the amount of information that is lost by splitting a data stream into unordered strings can be estimated, and this estimate can be used to guide the choice of string length. Based on information- theory, a lower bound on the size of the detector set is derived. Detector Generating algorithm is described. The performance of Artificial Immune Intrusion Detection System (AIIDS) is better than the normal intrusion detection system based on knowledge engineering.