研究网络入侵检测问题.在网络运行过程中,非法用户的入侵,造成网络不安全.为防御外来非法入侵,提出概念格和人工免疫技术融合的两级检测模型,可解决传统方法降维后信息丢失、检测正确率低、漏检率高等问题.首先对网络连接数据利用概念格属性约简方法进行降维,降低规则检测器建立复杂度;然后建立概念格的入侵规则检测器,并进行动态更新,用来检测绝大多数网络攻击行为:最后建立基于概念格的人工免疫检测器,增强了入侵检测的自适应性,作为辅助检测器检测前者漏检的网络攻击行为.仿真实验证明,改进方法检测正确率高,误检率和漏检率低,能够为网络信息系统提供良好的安全服务.%This paper studied the application of Intrusion Detection based on Concept Lattices and Artificial Immune. An intrusion detection model was given based on concept lattice and artificial immune. This approach solved the problems of losing information due to reduced dimensions, lower detection accuracy and high rate of undetected. First, attribute reduction of concept lattice was used to reduce the dimensions of network connection data, in order to reduce the complexity of establishing rules detector. Second, intrusion detector was established based on concept lattice and dynamic update of the detector, which can detect most of the network attacks. Third, the artificial immune detector was established based on concept lattice as an auxiliary detector, which can detect the network attacks undetected by the rules detector and solve the problem of high missing rate in using single detection means. Dynamic mutation enhanced self - adaptation of intrusion detector. Experiments show that the detection rate of network attacks is significantly increased. The method provides a safety service for computer systems.
展开▼
