【作者】 王军；

【导师】 冉春玉；

【作者基本信息】 武汉理工大学 ， 计算机应用技术， 2008， 硕士

【摘要】 人工免疫系统(AIS:Artifial Immune System)是一类基于生物免疫系统的功能、原理、特征而建立的用于解决各种复杂问题的计算系统。人工免疫系统是继人工神经网络、进化计算之后新的智能计算研究领域,是生命科学和计算机科学相交叉而形成的交叉学科研究热点。生物免疫系统的基本功能是识别自我和非我,并将非我清除,具有免疫识别、免疫应答、免疫记忆、和免疫耐受等功能,是一个自适应、自学习、自组织、并行处理和分布式的复杂系统。通过研究生物免疫系统所蕴含的各种信息处理机制,构建和设计有效的入侵检测模型和算法,对于建立基于免疫原理的入侵检测新理论、新方法,改善当前网络安全状况具有至关重要的意义。本文从生物免疫系统突出的自适应识别能力的角度出发研究了基于生物免疫原理的入侵检测模式,以人工免疫进化网络(ai-net)为基础提出了一种异常入侵检测算法。针对当前入侵检测算法中与用户交互不够的缺陷,在算法中提出了预警因子的概念。最后就基于免疫原理的入侵检测算法一般框架进行了讨论。本论文的主要研究内容如下:1分析和讨论了了入侵检测、生物免疫、人工免疫和聚类算法的原理和他们之间的联系,为算法的提出做好准备工作。2提出了一种异常入侵检测算法,在算法中先是基于改进的动态ai-net算法进行网络数据的压缩,然后使用层次聚类方法进行聚类分析,形成“自体”、“非自体”集合用于异常入侵检测。试验结果表明,算法克服了ai-net参数较多,对问题比较敏感的缺点,同时,具有较好的检测性能。3现有入侵检测方法考虑性能较多,对和用户的交互考虑较少。本文考虑到入侵检测的实际情况,提出了预警因子的概念,方便了用户根据自己的安全策略以取得检测率和误报率之间的平衡。在总结算法的基础上,提出了一个基于免疫原理的入侵检测算法框架,并就框架中的各组成部分进行了讨论。更多还原

【Abstract】 Artificial Immune System (AIS) is a kind of computing system to solve many kinds of complex problems based on the function, principle, and character of biologieal immune system theories. Artificial Immune System,which is an emergent cross-discipline research field generated by life science and computer science, is a novel intelligent computation study after Artificial Neural Network and Evolutionary Computation. The basic function of biological immune system is to recongnize self and non-self, and then to classify and eliminate non-self.Biological immune system has immune recognition , immune response , immune memory,immune tolerance and other characteristics. It is a complex distributed system which works in self-adaptive,self-learning,self-organization and parallel processing.With the in-depth study into various information processing mechanisms contained in biological immune system, many effective models and algorithms of intrusion detection can be established and designed,which plays an important role for the establishment of new theory and new method of intrusion detection based on biological immune system, also for the improvement of the current situation of network security. Inspired by the powerful recognition capability of immune system, we focus the study on the abnormal intrusion detection model based on immune system.Based on the ai-net,an algorithm for abnormal intrusion detection is proposed .In view of interactional flaws between users and intrusion detection model,which current algorithms frequently overlook, we bring forward the concept of Early Warning Factor.A framework of instrusion detection algorithm based on immune theory is also discussed at the final part.The main contribution of the dissertation are summarized as fellows:1.The theory of intrution detection , biological immune system, Artifieial Immune System and data clustering has been discussed,as well as their relationships,which provide the base for the algorithm.2. An algorithm based on abnormal intrusion detection is presented in the thesis. Compressed with an advanced ai-net algorithm,the network data in the algorithm is divided into "self"and "nonself" sets with hierarchical clustering analysis,which can be used for abnormal intrusion detection.The experiment results show that the algorithm has fewer parameters and little sensitivity than ai-net and performs well in detection.3. The current intrusion detection algorithm take more performance into consideration, but little for the practical requirements of users.In view of the Intrution Detection System’s actual situation,the concept of Early Warning Factor is presented in the thesis , which make it easy to get better tradeoff between detection rate and false positive rate according to security policies chosen by user. On the base of the algorithm, a framework of intrution detection algorithm based on the immune theory is discussed,so does the every part which composes the framework.更多还原