An adaptive LAN intrusion detection system based on computer immunology

作者:Zhao Tie Shan*; Li Zeng Zhi; Wang Ze Min; Lin Xiao Jun
来源:IEEE International Conference on Robotics and Biomimetics (ROBIO 2007), 2007-12-15 to 2007-12-18.
DOI:10.1109/ROBIO.2007.4522517

摘要

It is very useful to design adaptive LAN intrusion detection systems to improve the security of LANs. If a network connection links to an open port of an active host, it is defined as a normal one; otherwise, it is defined as an abnormal one. Rationality of the definitions is proved. Normal connections are self-bodies. A correct and complete self-body set can be used for an antibody set If a new network connection doesn't match any self-body, it is abnormal. An adaptive antibody generation model is presented firstly. Based on it, an adaptive intrusion detection system is introduced. Experiments show that the system is feasible: the detection rate of intruders' scans is 100%, of intruders' random probes is more than 98%, and there are no false alerts.

全文