摘要
随着网络入侵方法和网络计算环境的变化,入侵越来越难以被检测和防范.本文针对当前入侵检测中存在的问题给出了一种基于生物免疫机制和模糊逻辑的自适应入侵检测模型,分别对正常行为模式和待检测行为模式建立模糊关联规则集,通过比较待检测行为模式的规则集与正常行为模式的规则集的相似度,确定是否有入侵事件发生;此外,模型还可以自适应在线升级自身的抗体规则,从而提高了抵御新型攻击的能力和自适应性.经过仿真测试,证明该模型可以有效地检测异常攻击事件.
With the change ofintemet intrusion method and the calculate environment, it appears more and more difficult to detect the intrusion. This paper describes an adaptive intrusion detection model based on immune and fuzzy logic. The model creates respectively the rule collection of natural behavior mode and inspecting behavior mode. Whether or not the intrusion is happened can be judged by the difference between the two rule collections. Besides, the model updates rules automaticaUy and constantly to improve the ability of detecting new type intrusions. Experiment results indicate that the modal has good efficiency in identifying the abnormal intrusion.
出处
《厦门大学学报(自然科学版)》
CAS
CSCD
北大核心
2007年第A02期72-74,共3页
Journal of Xiamen University:Natural Science
基金
国家自然科学基金(50604012)资助
关键词
入侵检测
人工免疫
模糊逻辑
自适应
intrusion detection
immune principles
fuzzy logic
adaptive