Antibody Concentration Based Method for Network Security Situation Awareness
Inspired by the principles of biological immune system, an antibody concentration based method for network security situation awareness, referred to as ACnssa, is proposed in this paper. With the concepts and formal definitions of self, non-self, antibody and antigen presented, the principles and framework of ACnssa is described. Following that, the mathematical models of the lifecycle of mature and memory lymphocyte which are used for security situation awareness are established. Experiment results show that a network system can learn what attacks it suffers, where the intrusions occur, whether the intrusions are serious or not. In addition, the system learns what the current attacks are, and where the most serious disastrous area is. Thus, it provides a good solution to the situation awareness of network security.
immunity network security situation awareness
Feixian Sun Feng Xu
School of Computer Science Zhongyuan University of Technology Zhengzhou 450007,P R China
国际会议
北京
英文
1-4
2009-06-11(万方平台首次上网日期,不代表论文的发表时间)