摘要
在研究和分析"免疫软件人"(Immune-Soft Man,ISM)技术的基础上,受其启示,提出一种直观的基于ISM技术的网络安全系统(Network Security System based on Immune-Soft Man,ISMNSS)的自适应分布式协作控制模型.该模型融合了层次模型和协作模型的优点,以分布式自治ISM为组织单元,采用部分——全局规划(PGP)策略的多ISM协商控制机制,从构造上克服了传统的分布式入侵检测系统(DIDS)由于系统自身结构固定且缺乏自适应性和协同性等局限性.通过分析和实验验证,该系统充分利用了ISM的自治性、协作性和社会性等特性,较好地解决了信任社区内与社区间的协同预警及防御问题,相比传统的网络安全系统,具有检测效率高、负载均衡和自适应能力强等优点.这也为解决现有网络安全系统的不足提供了新的研究思路和方法.
Inspired by the intelligence recognition characteristics of "Immune-SoftMan" (ISM ), a novel adaptive and distributed cooperation model for the network security system based on ISM ( ISMNSS ) is thus proposed. The system model is adopted the partialglobal planning ( PGP) strategy and the non-center control distributed architecture of autonomy ISM to adapt to heavy network loads of detection tasks. At the same time, the system model combines the level model and collaboration model of the merits, and improves the traditional integrating and immutable framework of the distributed intrusion detection system ( DIDS). Theoretical analysis and experimental results show that the ISMNSS is a flexible distributed network security system. The ISMNSS enables member sites in the same trust community or different ones to forewarn attacks cooperatively. Compared with the traditional Snort system, the system possesses higher detection rate, load balancing and better self-adaptability, etc. The ISMNSS also provides a novel way for implementation of the network security system.
出处
《小型微型计算机系统》
CSCD
北大核心
2012年第10期2199-2202,共4页
Journal of Chinese Computer Systems
基金
国家自然科学基金项目(61163025)资助
内蒙古自治区自然科学基金项目(2010BS0904)资助
内蒙古自治区高等学校科学研究基金项目(重点项目)(NJ10162)资助
内蒙古自治区高等学校科学研究基金项目(NJZY07116)资助
关键词
网络安全
ISM
网络社区
自适应
分布式
协作控制
network security
Immune-SoftMan
network community
self-adaptability
distributed
cooperation control
