Netinfo Security ›› 2020, Vol. 20 ›› Issue (12): 19-27.doi: 10.3969/j.issn.1671-1122.2020.12.003

Previous Articles     Next Articles

Research and Optimization of Intrusion Detection Based on Improved V-detector Algorithm

HE Jingsha1, HAN Song2(), ZHU Nafei1, GE Jiake3   

  1. 1. Department of Information Science, Beijing University of Technology, Beijing 100124, China
    2. State Nuclear Electric Power Planning Design & Research Institute Co., LTD., Beijing 100095, China
    3. School of Information, Renmin University of China, Beijing 100872, China
  • Received:2020-07-13 Online:2020-12-10 Published:2021-01-12
  • Contact: HAN Song E-mail:418594110@qq.com

Abstract:

With the rapid increase in the number of Internet users, network threats are also growing rapidly. Traditional passive defense measures are not enough to defend against the ever-changing network intrusions. The principle of traditional intrusion detection system is to collect virus features and then match them. For unknown viruses, the traditional detection mechanism lags behind. Facing the increasingly complex network security environment, it is of great significance to study intrusion detection system based on artificial immune theory. This paper first introduces the core idea of artificial immune theory, which is negative selection algorithm, and then introduces real value negative selection algorithm and V-detector algorithm. In view of the shortcomings of V-detector algorithm, three improvements are made. The clonal selection algorithm based on distance variation is proposed to improve the efficiency of detector generation. The de-redundancy algorithm is proposed to reduce detector redundancy and accelerate algorithm convergence. The improved hypothesis testing method is used to evaluate the coverage of the detector set. Experiments show that the improved V-detector algorithm can effectively improve the detection accuracy, reduce the detection of black holes, and greatly reduce the detection time.

Key words: intrusion detection, V-detector algorithm, hypothesis testing

CLC Number: