| Public wireless LAN (PWLAN) is an advanced wideband accessing technology combining the advantage of high efficiency and security which are the desirable performance of WLAN and GSM/GPRS. As a part of national 863 project "Security and application research of the Public wireless LAN", this dissertation mainly focuses on the intrusion detection system in the PWLAN environment.At the beginning this dissertation analyzes network structure and several main security technologies, followed by the importance of intrusion detection technology in PWLAN's security system, and the defects in the existing intrusion detection technology.Intrusion detection technology based on the artificial immune theory will be researched in the second part. By extensive researches in the immune scheme of the organism, artificial immune theory and algorithms, this dissertation brings forward a more intelligent artificial immune model , which is based on the mobile agent platform. This model, synthesizing several artificial immune algorithms such as negative selection, immune memory, clone selection and co-stimulation, is superior in the performances of light-weight and environment-adaptive.In the third part, the artificial immune intrusion detection model is realized based on the mobile agent in the PWLAN environment. Several technologies, such as Aglet mobile agent platform, Java encryption technology, Winpcap network data packets capture technology, are exploited to implement each module of the intrusion detection system. The system consists of the following modules: mobile agent platform, information collection component, detection agent, message agent, decision-making agent and manage agent etc. In the further step, by taking the advantage of the security scheme of the mobile agent platform, authorization and encryption technology such as AES and RSA are used to ensure the security in the communication among mobile agents. By simulating the lymph cell whose defense is distributed via lymph recurrence and blood recurrence, this model is a qualifieddistributed intrusion detection model which is light-weighted and has the ability of synthesized analysis, environmental adaptation, manageable high efficiency, in the mean while it can be run in the PWLAN experimental platform.Finally, the intrusion detection evaluation database(DARPA IDE) of the Lincoln Laboratory in MIT university is used for performance testing. By training with 64296 packets in the first week of the database, system is able to detect four types of intrusion model with the detection rate exceeding 85%. This indicates the effectiveness of the model, and the expected goal is reached. This project has already been accepted by the national 863 professional checking group. |
PDF Full Text Request