通信学报 ›› 2013, Vol. 34 ›› Issue (9): 166-176.doi: 10.3969/j.issn.1000-436x.2013.09.020

• 技术报告 • 上一篇    下一篇

基于粗糙集和人工免疫的集成入侵检测模型

张玲1,2,白中英1,罗守山1,2,谢康2,3,崔冠宁1,2,孙茂华1,2   

  1. 1 北京邮电大学 信息安全中心,北京 100876
    2 云安全北京工程实验室,北京 100876
    3 山东大学 信息科学与工程学院,山东 济南 250100
  • 出版日期:2013-09-25 发布日期:2017-07-05
  • 基金资助:
    国家自然科学基金资助项目;国家自然科学基金资助项目

Integrated intrusion detection model based on rough set and artificial immune

Ling ZHANG1,2,Zhong-ying BAI1,Shou-shan LUO1,2,Kang XIE2,3,Guan-ning CUI1,2,Mao-hua SUN1,2   

  1. 1 Information Security Center,Beijing University of Posts and Telecommunications,Beijing 100876,China
    2 Beijing Engineering Lab for Cloud Security,Beijing 100876,China
    3 College of Information Science and Engineering,Sha ng University,Ji'nan 250100,China
  • Online:2013-09-25 Published:2017-07-05
  • Supported by:
    The National Natural Science Foundation of China;The National Natural Science Foundation of China

摘要:

针对当前入侵检测存在的问题,通过引入粗糙集方法,综合误用检测和异常检测设计了一种基于粗糙集和人工免疫的集成入侵检测(RSAI-IID)模型,提出了一种在入侵检测中实现疫苗注入的方法。采用粗糙集方法获取疫苗,并保证了疫苗的优良性,优化检测性能;误用检测筛掉已知的入侵行为,提高检测的速度;异常检测针对未知攻击进行实时检测。最后在KDD99数据集上进行实验仿真,验证了模型的可行性和有效性。

关键词: 粗糙集, 人工免疫, 误用检测, 异常检测, RSAI-IID模型

Abstract:

According to the problems of intrusion detection,an integrated intrusion detection model based on rough set and artificial immune (RSAI-IID) was proposed by using rough set and integrating misuse detection and anomaly detection.The rough set method was used to achieve the vaccine which was injected in the model,to get better vaccine,and to optimum the performances of detection; misuse detection was used to get off the known intrusions; anomaly detection was used to detect the novel intrusions.RSAI-IID model was validated on KDD 99 dataset.The experimental results show its feasibility and effectiveness.

Key words: rough set;, artificial immune system, misuse detection, anomaly detection, integrated intrusion detection model based on rough set and artificial immune

No Suggested Reading articles found!