Computer Science ›› 2018, Vol. 45 ›› Issue (6A): 364-370.

• Information Security •

Research on Network Attack Detection Based on Self-adaptive Immune Computing

CHEN Jin-yin, XU Xuan-yan, SU Meng-meng

  1. College of Information and Engineering, Zhejiang University of Technology, Hangzhou 310023, China
  • Online: 2018-06-20 Published: 2018-08-03

Abstract: The Internet is inherently open and interactive, which lets attackers use network vulnerabilities to damage the network. Network attacks are generally concealed and highly hazardous, so detecting them effectively is extremely important. To address the problem that most detection algorithms can detect only one kind of network attack and have a high detection delay, this paper proposes a negative selection algorithm based on a density automatic partition clustering method with a self-set, referred to as DAPC-NSA. The algorithm uses the density clustering algorithm to preprocess the self-training data: it performs cluster analysis on the training data, eliminates the noise, and generates the self-detector. It then generates the nonself-detector from the self-detector, and uses both the self-detector and the nonself-detector to detect anomalies. A simulated intrusion detection experiment was carried out. The experiment shows that the algorithm can not only detect six kinds of attacks simultaneously, but also has a higher detection rate and a lower false alarm rate. Its detection time is short compared with other detection algorithms, and it can achieve the target of real-time detection.

Key words: Attack detection, DAPC-NSA, Detectors, Network attack simulation, Network security, Self-adaptive immune

CLC Number: TP183
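
The pipeline the abstract describes (density-based cleaning of the self set, self detectors, nonself detectors derived from them, classification with both) is shown here as an added illustration; it is not the paper's DAPC-NSA code. The neighbour-count density rule, the fixed self radius `eps`, the grid of candidate centres and the sample feature vectors are assumptions made for this example.

```python
import math

# Constructed, normalised 2-D traffic features (e.g. packet rate, SYN ratio).
# The last sample is a stray point standing in for noise in the self set.
SELF_TRAINING = [(0.20, 0.20), (0.22, 0.18), (0.18, 0.23),
                 (0.25, 0.21), (0.21, 0.26), (0.19, 0.17), (0.90, 0.90)]
# Assumption: a fixed grid of candidate centres keeps the run reproducible.
GRID = [(i / 10, j / 10) for i in range(11) for j in range(11)]

def build_self_detectors(samples, eps, min_pts):
    """Keep samples with at least min_pts neighbours within eps (assumed
    density rule); each survivor becomes a self detector (centre, radius=eps)."""
    kept = []
    for i, p in enumerate(samples):
        neighbours = sum(1 for j, q in enumerate(samples)
                         if j != i and math.dist(p, q) <= eps)
        if neighbours >= min_pts:
            kept.append((p, eps))
    return kept

def build_nonself_detectors(self_det, candidates):
    """Derive nonself detectors from the self detectors: a candidate centre is
    kept if it lies outside every self detector, with radius equal to the gap
    to the nearest self boundary (assumed variable-radius rule)."""
    detectors = []
    for c in candidates:
        gap = min(math.dist(c, s) - r for s, r in self_det)
        if gap > 0:
            detectors.append((c, gap))
    return detectors

def classify(x, self_det, nonself_det):
    """Self detectors are checked first, then nonself; 'unknown' marks a hole."""
    if any(math.dist(x, c) <= r for c, r in self_det):
        return "self"
    if any(math.dist(x, c) <= r for c, r in nonself_det):
        return "nonself"
    return "unknown"

def run(min_pts):
    """Train on SELF_TRAINING and label two constructed probe points."""
    self_det = build_self_detectors(SELF_TRAINING, eps=0.1, min_pts=min_pts)
    nonself_det = build_nonself_detectors(self_det, GRID)
    probes = [(0.21, 0.20), (0.90, 0.90)]
    return self_det, nonself_det, [classify(p, self_det, nonself_det) for p in probes]

if __name__ == "__main__":
    print(run(min_pts=3)[2])   # noise filtered out of the self set
    print(run(min_pts=0)[2])   # noise kept as a self detector
```

With `min_pts=0` the stray sample stays in the self set and the probe at (0.90, 0.90) is accepted as self, which is the failure the noise-elimination step is there to prevent.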