
Large-Scale Network Intrusion Detection Based on Improved Complex Immune Algorithm

To improve intrusion detection performance against multiple kinds of network attack, a large-scale network intrusion detection method based on an improved compound immune algorithm is proposed. The network intrusion detection problem is described as distinguishing and matching self from non-self, and fuzzy rules are used to define the boundary of the immune mechanism. The genetic algorithm is introduced into the negative selection algorithm, so that any chromosome can be described as a partial restriction in the fuzzy rules, and a penalty coefficient is set to limit the probability that a rule covers normal samples, which simplifies the detector selection process. Binary coding and Hamming distance are used to calculate the affinity between antibody and antigen, giving the concentration of the two in the large-scale network. Finally, the detector dataset is compared with the network data; if they match, an intrusion attack is present, and based on the comparison results the antibody is recorded and an alarm is triggered. The experimental results show that the proposed method can improve detection accuracy and efficiency, and has excellent applicability and application value.

Keywords: Intrusion detection; Negative choice; Compound immune algorithm; Matching threshold

Yao Lijuan (要丽娟), Wu Zhe (武喆)


Department of Computer Science and Technology, Taiyuan University, Taiyuan, Shanxi 030032

Shanxi Agricultural University, Jinzhong, Shanxi 030801


2022 National Research Project on Computer Basic Education Teaching in Colleges and Universities

2022-AFCEC-126

2024

Computer Simulation
The 17th Research Institute of China Aerospace Science and Industry Corporation

CSTPCD
Impact factor: 0.518
ISSN: 1006-9348
Year, volume (issue): 2024, 41(6)