文献类型：会议论文

英文题名：A Three-Level-Module adaptive intrusion detection system

作者：Zhao, Lin-hui[1,3];Wang, Yumin[2];Xiao, Jing[1];Dai, Ya-ping[1];Dong, Fang-yan[4];Liu, Hai-le[5]

第一作者：赵林惠;Zhao, Lin-hui

通讯作者：Zhao, LH[1]

机构：[1]Beijing Inst Technol, Sch Informat Sci & Technol, Beijing 100081, Peoples R China;[2]Qingdao Technol Univ, Sch Sci, Qingdao 266033, Peoples R China;[3]Beijing Union Univ, Coll Mechatroni, Beijing 100020, Peoples R China;[4]Tokyo Inst Technol, Dept Comp Intelligence & Syst Sci, Midori ku, Yokohama, Kanagawa 2268502,, Japan;[5]Artillery Command Acad, Langfang 065000, Peoples R China

第一机构：Beijing Inst Technol, Sch Informat Sci & Technol, Beijing 100081, Peoples R China

通讯机构：[1]corresponding author), Beijing Inst Technol, Sch Informat Sci & Technol, Beijing 100081, Peoples R China.

会议论文集：IEEE International Conference on Networking, Sensing and Control

会议日期：APR 15-17, 2007

会议地点：London, ENGLAND

语种：英文

外文关键词：intrusion detection; danger theory; data fusion algorithm

摘要：Based on the Danger theory, the immune network theory and the decision templates fusion algorithm, a three-level-module adaptive intrusion detection system (TAIDS) is presented in this paper. To consider the effect of danger signals, the results of decision templates algorithm are redefined by adding a kind of suspicion signal. So, the detection templates should be modified online, and a template-adjustable adaptive decision fusion algorithm is proposed. There are two benefits in the TAIDS. First, when it is difficult to distinguish current behaviors depending on familiar features, The TAIDS will discriminate them by means of danger theory, making false alarms reduced and the ability of identifying novel attacks enhanced. Second, the adaptive decision templates algorithm allows detection templates to modify dynamically without periodical updating. Experiments are carried out on KDD-CUP-99 database to verify the performance of this system. The false positive rate is 2.27%, and the accuracies on known attacks and on unknown attacks are respectively 97.67% and 98.75%.