Host machine intrusion detection method based on biological immune mechanism

A technology of biological immunity and intrusion detection, applied in the direction of biological models, instruments, platform integrity maintenance, etc., can solve the problems of low efficiency and long algorithm running time, and achieve the effect of high operating efficiency and reduced running time

Inactive Publication Date: 2014-12-10
HENAN UNIV OF SCI & TECH
View PDF2 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Usually, the exhaustive search strategy is adopted in the fuzzy association rule mining method, and the running time of the algorithm is long and the efficiency is low.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Host machine intrusion detection method based on biological immune mechanism
  • Host machine intrusion detection method based on biological immune mechanism
  • Host machine intrusion detection method based on biological immune mechanism

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0038] The present invention will be further described in conjunction with the accompanying drawings and specific embodiments. The present invention mainly relates to the core part of a host intrusion detection system, that is, the algorithm for determining the fuzzy association rule base based on the biological immune mechanism and the fuzzy classification part based on the fuzzy association rule base, and the data source of the host audit data and host monitoring behavior Acquisition and specific responses for different attack types are not described in detail.

[0039] The present invention first performs attribute reduction and unified coding on the historical intrusion instances in the existing host audit data, and then determines the fuzzy association rule base through population evolution according to the known data sets of these characteristics and categories, which is called the training stage ;Finally, use the obtained fuzzy association rule base to perform intrusion d...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

A host machine intrusion detection method based on a biological immune mechanism includes that firstly, history intrusion cases already existing in host machine audit data are subjected to attribute reduction and united coding, and language terminology and membership function of each attribute are determined; initial antibody population is randomly generated, an individual with highest affinity in a certain proportion is chosen to be subjected to cloning and mutation operation, then antibody population and memory population are updated, and finally an established fuzzy associate rule library is obtained; the intrusion detection is performed on real time data of host machine monitoring behaviors by means of the obtained fuzzy associate rule library; and if a novel attack type appears in the host machine monitoring behaviors, a novel associate rule is determined according to the attack type and is added into the fuzzy associate rule library. The detection method is characterized of having self-adaption, self-organization, high efficiency and high comprehensibility. The fuzzy associate rule library can be self-adaptively determined, the fuzzy associate rule library is added based on a dynamic change of intrusion behaviors, and information safety of a host machine system is protected.

Description

technical field [0001] The invention relates to a host intrusion detection method in computing security technology, specifically a method for determining a fuzzy association rule base based on a biological immune mechanism, and implementing intrusion detection for host monitoring behavior through fuzzy classification based on the fuzzy association rule base. Background technique [0002] With the development of computer network technology, more and more attention has been paid to computer system security. The host-based intrusion detection technology detects and analyzes the audit data of a specific host host, discovers intrusion and attack behaviors aimed at the host, and makes timely and effective corresponding protection measures. Host intrusion detection technology is an active system security strategy and scheme, which can make up for many deficiencies and weaknesses exposed by traditional network firewall technology. [0003] Since the monitoring behavior of the h...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/55G06N3/00
Inventor 张雷姜继民孟令瑞侯春杰范波
Owner HENAN UNIV OF SCI & TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap