基于粒子群和人工免疫的混合入侵检测系统研究

目前,漏报率和误报率高一直是入侵检测系统（IDS）的主要问题,而IDS主要有误用型和异常型两种检测技术。根据这两种检测技术各自的优点以及它们的互补性,本文给出一种基于人工免疫的异常检测技术和基于粒子群优化（PSO）的误用检测技术相结合的IDS模型;同时,该系统还结合特征选择技术降低数据维度,提高系统检测性能。实验表明,该
系统具有较高的检测率和较低的误报率,可以自动更新规则库,并且记忆未知类型的攻击,是一种有效的检测方法。

Research of a Hybrid Intrusion Detection System Based on Particle Swarm Optimization and Artificial Immunology

Currently,the false positive and false negative rates of Intrusion Detection Systems(IDS) are very high.They are always the key problems in IDSs.But anomaly detection and misuse detection are two main technologies applied in IDSs.Because both the technologies have their own advantages and complementarity,this paper presents a model of IDS based on the combination of misuse detection and anomaly detection.In this model,misuse detection is based on particle swarm optimization(PSO) and anomaly detection is based on artificial immunology.Furthermore,this model takes advantage of feature selection to reduce the dimension of the problem and improve the performance.The experiments illustrate that the proposed hybrid detection system can get a high detection rate with a low false alarm rate and can update the rules automatically,which shows its efficiency.