Research and Application of Intrusion Detection Technology Based on Immune Algorithms and Fuzzy Theory
Abstract
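Intrusion detection systems, as a key network security technology, are now at work in many different environments. Because the immune system and intrusion detection systems have much in common, immunology-based intrusion detection is gradually becoming a research hotspot in the field.
     After an overview of the key techniques in intrusion detection systems, this thesis introduces immune principles and the immune algorithms applied to intrusion detection, analyzes fuzzy theory, and summarizes the key techniques and open problems in applying artificial immunity to intrusion detection. Current immune intrusion detection models have three weaknesses: the clean data set used to define the self set is very hard to obtain; traditional detection rules ignore the fuzzy boundary between self patterns and nonself patterns when examining sample patterns; and the traditional negative selection algorithm suffers from high computational complexity and low efficiency during detector generation and matching. To address these, a new immune intrusion detection approach is proposed: an analysis model that combines immune methods with fuzzy knowledge.
     Before the data stream under inspection enters the detectors, fuzzy c-means clustering is used to preprocess the data. The clean normal patterns obtained are used to train the detectors and are then filtered out to reduce later matching work, while the data containing a large number of anomalies is passed on to the immune detection model in the next step. For that second step, the thesis focuses on the importance of fuzzy detection rules, studies how they are represented, and proposes using the optimizing search capability of immune algorithms to evolve fuzzy detectors. Finally, experiments show that, compared with traditional detection methods, the new model has a considerable advantage in obtaining clean training data and greatly reduces the overall number of matching computations between detectors and network data, which substantially lightens the system load. The generated fuzzy detectors have a concise representation, cover more of the anomaly space with fewer patterns, reduce the brittleness of the detection rules, and give good overall detection results.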
The intrusion detection system, a pivotal technique in current network security, has been playing an important role in various fields. The immune system is similar to the intrusion detection system in many respects, so intrusion detection based on immunology has become a research hotspot.
     This thesis summarizes the pivotal techniques of intrusion detection systems, reviews immune theory and various immune algorithms, analyzes fuzzy theory, and sums up the application of immunology and its existing problems. Some problems cannot be ignored: it is very difficult to obtain pure data sets for defining self patterns; traditional detection rules neglect the fuzzy boundary between normal and abnormal; and the traditional negative selection algorithm leads to complex calculation and low efficiency when generating detectors and matching them against patterns. To address these flaws, a new intrusion detection model is presented: an analysis model based on immunology and fuzzy knowledge.
     Before the network data stream enters the detectors, the fuzzy c-means clustering technique is used to preprocess the data and obtain pure self patterns with which to train the detectors; these are then discarded, which reduces the subsequent matching work. In the next step, the immune detection model monitors the data sets that contain many abnormal records. The importance of fuzzy detection rules is emphasized, and their representation is studied in depth. The good search performance of the immune algorithm is used to generate fuzzy detectors. Finally, experiments show that the presented detection method has a strong advantage in obtaining pure training data and greatly reduces the matching computation between detectors and data, so the system load is eased considerably. The generated fuzzy rules express self and nonself very compactly, covering more abnormal patterns with fewer detection patterns, and they greatly reduce the brittleness of the detectors. Overall, the presented method has a better detection effect.
