基于人工免疫原理检测僵尸网络的方法

In the artificial immune system is proposed based on a method of detecting botnets. Antigen on the antibody first real vector coding, and then negative selection algorithm to filter the candidate set of antibodies, and in the negative selection process of adding high-affinity antibodies by the variation of the antibody to improve antibody coverage, the introduction of co-stimulation model of participation decision-making, the use of cluster analysis of the variability out of self-focused individual, and finally proposes a new detection model, to achieve real-time detection of zombie networks and monitoring. The experiments show that the detection model with a certain degree of learning ability and dynamic, which can effectively identify botnets, false, false negative rate low and the timely discovery of new features and zombie attack warning.