AN ADAPTIVE MODEL OF INTRUSION DETECTION IN COMPUTER NETWORKS BASED ON ARTIFICIAL IMMUNE SYSTEM
Abstract
It is proposed adaptive model and it is based the intrusion detection system (IDS), which is constructed on the basis of immunological principles. Recognition of the state of network traffic is in conditions of shortage priori information about the properties of the source intrusion and the stochastic nature of recognizable events. In order to improve the reliability of intrusion detection system is made adaptive setting decision rules for classifying the states of network traffic. The system is designed for the detection and classification of network attacks classes: DoS, R2L, U2R, Probе. Setting up and testing of the model is based on the search of anomalies in real data sets of IP-traffic computer networks and contained in known database KDD'99.