CN113836526B - Intrusion detection method based on improved immune network algorithm, and application thereof - Google Patents
- Publication number
- CN113836526B (application CN202111136304.7A)
- Authority
- CN
- China
- Prior art keywords
- antibody
- affinity
- network
- antigen
- boundary
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F18/00—Pattern recognition
- G06F18/20—Analysing
- G06F18/24—Classification techniques
- G06F18/243—Classification techniques relating to the number of classes
- G06F18/2431—Multiple classes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/004—Artificial life, i.e. computing arrangements simulating life
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/034—Test or assess a computer or a system
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Data Mining & Analysis (AREA)
- Computing Systems (AREA)
- Life Sciences & Earth Sciences (AREA)
- Artificial Intelligence (AREA)
- Evolutionary Computation (AREA)
- Health & Medical Sciences (AREA)
- Bioinformatics & Cheminformatics (AREA)
- Biophysics (AREA)
- General Health & Medical Sciences (AREA)
- Molecular Biology (AREA)
- Biomedical Technology (AREA)
- Mathematical Physics (AREA)
- Computational Linguistics (AREA)
- Bioinformatics & Computational Biology (AREA)
- Computer Vision & Pattern Recognition (AREA)
- Evolutionary Biology (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
Description
Attack type | Dimensions | Number of samples |
---|---|---|
Bot | 10 | 8000 |
Benign | 10 | 8000 |
Infilteration | 10 | 8000 |
SSH-Bruteforce | 10 | 8000 |
Dosattack-GoldenEye | 10 | 8000 |

Antibody critical threshold | Antibody suppression distance | Antibody radius | Maximum number of iterations |
---|---|---|---|
0.12 | 0.4 | 0.81 | 550 |

Algorithm | Known attacks (%) | Unknown attacks (%) |
---|---|---|
Bot | 90.23 | 84.72 |
Infilteration | 89.57 | 80.28 |
SSH-Bruteforce | 84.69 | 81.57 |
Dosattack-GoldenEye | 86.55 | 78.27 |
Claims (6)
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111136304.7A CN113836526B (zh) | 2021-09-27 | 2021-09-27 | Intrusion detection method based on improved immune network algorithm, and application thereof |
US17/953,349 US11762992B2 (en) | 2021-09-27 | 2022-09-27 | Intrusion detection method based on improved immune network algorithm, and application thereof |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111136304.7A CN113836526B (zh) | 2021-09-27 | 2021-09-27 | Intrusion detection method based on improved immune network algorithm, and application thereof |
Publications (2)
Publication Number | Publication Date |
---|---|
CN113836526A (zh) | 2021-12-24 |
CN113836526B (zh) | 2022-08-09 |
Family
ID=78970907
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111136304.7A Active CN113836526B (zh) | 2021-09-27 | 2021-09-27 | Intrusion detection method based on improved immune network algorithm, and application thereof |
Country Status (2)
Country | Link |
---|---|
US (1) | US11762992B2 (zh) |
CN (1) | CN113836526B (zh) |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112532463A (zh) * | 2020-12-17 | 2021-03-19 | Sichuan Changhong Electric Co., Ltd. | A computer network fault diagnosis method |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7565690B2 (en) | 2003-08-04 | 2009-07-21 | At&T Intellectual Property I, L.P. | Intrusion detection |
US9325949B2 (en) | 2012-11-19 | 2016-04-26 | Qualcomm Incorporated | Intrusion detection |
CN104392269B (zh) * | 2014-11-19 | 2017-04-19 | Tianjin University | A microgrid distributed power supply bidding method based on artificial immunity |
WO2017091822A1 (en) * | 2015-11-25 | 2017-06-01 | Fliri Anton Franz Joseph | Method and descriptors for comparing object-induced information flows in a plurality of interaction networks |
US10791128B2 (en) | 2017-09-28 | 2020-09-29 | Microsoft Technology Licensing, Llc | Intrusion detection |
- 2021-09-27: CN CN202111136304.7A, patent CN113836526B (zh), active
- 2022-09-27: US US17/953,349, patent US11762992B2 (en), active
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112532463A (zh) * | 2020-12-17 | 2021-03-19 | Sichuan Changhong Electric Co., Ltd. | A computer network fault diagnosis method |
Also Published As
Publication number | Publication date |
---|---|
CN113836526A (zh) | 2021-12-24 |
US20230095966A1 (en) | 2023-03-30 |
US11762992B2 (en) | 2023-09-19 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9923912B2 (en) | Learning detector of malicious network traffic from weak labels | |
Tesfahun et al. | Intrusion detection using random forests classifier with SMOTE and feature reduction | |
CN111209563B (zh) | A network intrusion detection method and system | |
Bhati et al. | An intrusion detection scheme based on the ensemble of discriminant classifiers | |
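CN112738015A (zh) | A multi-step attack detection method based on an interpretable convolutional neural network (CNN) and graph detection | |
CN111428231A (zh) | Security processing method, apparatus and device based on user behavior | |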
Pang et al. | Imbalanced learning based on adaptive weighting and Gaussian function synthesizing with an application on Android malware detection | |
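CN111047173B (zh) | Community credibility evaluation method based on improved D-S evidence theory | |
CN110879881A (zh) | Mouse trajectory recognition method based on feature group layering and semi-supervised random forest | |
CN114218998A (zh) | A power system abnormal behavior analysis method based on a hidden Markov model | |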
Iqbal et al. | Mitochondrial organelle movement classification (fission and fusion) via convolutional neural network approach | |
Mhawi et al. | Proposed Hybrid CorrelationFeatureSelectionForestPanalizedAttribute Approach to advance IDSs | |
Zheng et al. | Preprocessing method for encrypted traffic based on semisupervised clustering | |
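CN113343123A (zh) | Training method and detection method for a generative adversarial multi-relation graph network | |
CN113836526B (zh) | Intrusion detection method based on improved immune network algorithm, and application thereof | |
CN117172875A (zh) | Fraud detection method, apparatus, device and storage medium | |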
Jie | Research on malicious TLS traffic identification based on hybrid neural network | |
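CN115277065B (zh) | An adversarial attack method and apparatus in Internet of Things abnormal traffic detection | |
CN116545733A (zh) | A power grid intrusion detection method and system | |
CN115982706A (zh) | Malware detection method based on multi-view fusion of API call sequence behavior | |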
Leevy et al. | Feature evaluation for IoT botnet traffic classification | |
Firmansyah et al. | Evaluation of naive bayes, random forest and stochastic gradient boosting algorithm on ddos attack detection | |
ZHANG et al. | Integrated intrusion detection model based on artificial immune | |
Nie et al. | Intrusion detection based on nonsymmetric sparse autoencoder | |
CN112149121A (zh) | A malicious file identification method, apparatus, device and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right | Effective date of registration: 20240410 Address after: Room 513, Hubei University Comprehensive Building, No. 368 Youyi Avenue, Wuchang District, Wuhan City, Hubei Province, 430062 Patentee after: Hubei Huda Asset Management Co.,Ltd. Country or region after: China Address before: 430062 368 Friendship Avenue, Wuchang District, Wuhan, Hubei. Patentee before: Hubei University Country or region before: China |
TR01 | Transfer of patent right | Effective date of registration: 20240412 Address after: Room 603, Operation and Maintenance Building, No. 9 Wang'an Avenue, Dongxihu District, Wuhan City, Hubei Province, 430000 Patentee after: Zhongjin Yunlian (Wuhan) Digital Technology Co.,Ltd. Country or region after: China Address before: Room 513, Hubei University Comprehensive Building, No. 368 Youyi Avenue, Wuchang District, Wuhan City, Hubei Province, 430062 Patentee before: Hubei Huda Asset Management Co.,Ltd. Country or region before: China |