摘要
基于仿生学的免疫原理,将肽链定义为在操作系统中由特权进程执行的系统调用及参数短序列,提出了一个基于生物免疫学的分布式入侵检测系统模型。该模型模拟生物免疫系统中的多样性、分布性、初次应答和再次应答等基本工作原理,通过免疫计算机和控制台之间的信息共享、相互协作实现实时入侵检测。对系统的体系结构进行了阐述,对系统的关键组件及其功能做了详细的描述。
According to the immunology principles of bionics, a new type of distributed model of intrusion detection system based on immunology was presented. Short sequences of system calls and parameters executed by privileged procedure were vie-wed as analogous to peptide. This model tried to simulate several basic principles in immune system, such as diversity, distribution, primary immune response and secondary immune response. The real time detection was realized by the data sharing and collab-oration between immune computers and consoles. Moreover, the architecture of this model and the functions of key components were described.
出处
《计算机工程与设计》
CSCD
2004年第4期481-483,563,共4页
Computer Engineering and Design
基金
国家863高科技基金项目(2002AA113161)
国家自然科学基金项目(69973020)
国防科工委应用基础基金项目(J1300D004)
关键词
免疫计算机
入侵检测
肽链
系统调用
网络安全
免疫学
immune computer
peptide
immunology
intrusion detection
the sequence of system calls and parameters
network security
