计算机工程与应用 ›› 2007, Vol. 43 ›› Issue (21): 150-152.

• 网络、通信与安全 • 上一篇    下一篇

一种改进的网络入侵检测器生成算法

马 莉1,2,刘凤玉2   

  1. 1.扬州大学 信息工程学院,江苏 扬州 225009
    2.南京理工大学 计算机科学与技术学院,南京 210094
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2007-07-21 发布日期:2007-07-21
  • 通讯作者: 马 莉

Improved algorithm of generating network intrusion detector

MA Li1,2,LIU Feng-yu1   

  1. 1.The Information Engineering College of Yangzhou University,Yangzhou,Jiangsu 225009,China
    2.School of Computer Science and Technology,NUST,Nanjing 210094,China
  • Received:1900-01-01 Revised:1900-01-01 Online:2007-07-21 Published:2007-07-21
  • Contact: MA Li

摘要: 在分析了现有检测器生成算法的基础上,针对阴性选择算法的缺陷,提出了IDANS算法(Improved Detection Algorithm based on Negative Selection,改进的基于阴性选择的检测算法)。该算法采用基因库进化等策略,提高了生成检测器的有效性和检测率,同时,引入协同信号机制有效识别误操作,从而大大降低虚警率。实验结果体现了该算法的有效性和检测的高效性。

关键词: 入侵检测, 阴性选择, 异常检测, 基因库优化

Abstract: On the basis of the analysis of the current algorithms on generating detector,an algorithm of generating network intrusion detector is proposed to avoid the disadvantages of negative selection.The algorithm takes advantage of the strategies such as GAlib etc to improve the efficiency and TP(True Positive).Meanwhile,with the introducing of cooperating signals,the algorithm is good for recognizing the mistake operations so as to reduce FP(False Positive).The experiment results show that the proposed algorithm is practical and efficient.

Key words: intrusion detection, negative algorithm, abnormal detection, optimization of GAlib