Abstract:Based on the diversity of immunity,a distributed intrusion detection method is presented,in which the support vector machine(SVM) is used as an antibody to detect intrusion.In particular,the random subspace method is introduced to create various SVM individuals,and then the individuals are evolved with artificial immunity algorithm.By introducing Q-statistical and mutual information as the measures of the antibody's diversity,the detector group with the characteristic of mutual-supplied knowledge can be obtained.At last the results of all detectors in the population are integrated by the ensemble idea.This distributed parallel detection can strengthen the robustness of the system.Experiments show that this method can produce antibodies with better diversity,and the detection accuracy is better than a single SVM and Bagging method.

Distributed Intrusion Detection Method Based on the Diversity of Immunity