A Hybrid Intrusion Detection System Based on Immunological Principles
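Abstract
The problems that computer system security has to solve closely resemble those that the immune system has to solve. The immune system protects the body from pathogens, and computer system security protects computers from intrusion, so bringing the principles and methods of biological immunology into computer security research is of great significance.
This article first describes intrusion detection systems and their related technologies, and discusses the principles of the biological immune system, the composition of the immune system, the functions of immune cells, the immune process of the immune system, the feasibility and necessity of applying immune principles to network intrusion detection, and the basic concepts of artificial immune systems. It focuses on the model's definition of "self" and "non-self", the detection rules and the detection algorithms, proposes a new NA matching rule and a new detector generation algorithm based on negative selection and clonal selection, and verifies the effectiveness of the new rule and the new algorithm.
On this basis, a hybrid intrusion detection system model based on immunology is given. The model was tested on a purpose-built experimental platform using the KDDCup99 experimental data, and the test results were compared and analysed. The results show that the system model designed in this article performs well in detection.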
The problem faced in computer system security is similar to that faced by the immune system: the immune system protects the body from harm by antigens, and the computer security system protects the computer from intrusion. It is therefore significant to bring the methods and principles of biological immunology into the field of computer security.
This article first elaborates on the intrusion detection system and its related technologies, then discusses the principles of the biological immune system, the composition of the immune system, the function of immune cells, the immune process of the immune system, the feasibility and necessity of a network intrusion detection system based on immune principles, and the basic concepts of artificial immune systems. We analyze some key technologies in particular, such as the differentiation of the Self and Non-self sets, matching rules and detection algorithms. A new NA matching rule is proposed and a new algorithm is presented, involving negative selection and clonal selection. Experiments were also designed to demonstrate the validity of the new rule and algorithm.
Finally, this article presents an intrusion detection system model based on immunology. On the experimental platform we tested the model with the KDDCup99 experimental data. The comparison shows that the immunology model has a higher detection rate and better real-time performance, and can find new intrusions.
