An immune based dynamic risk control system

Abstract

Global network security is facing more and more serious challenges. Existing traditional network security defense tools (e.g. firewalls, intrusion prevention systems) cannot actively adjust defense strategies and conduct targeted defenses according to change of current network environment threats (e.g. attack intensity, attack type, etc.), which has greater passiveness and blindness. Inspired by artificial immunity, this paper proposes an immune-based dynamic risk control system. The system consists of intrusion detection module, risk assessment and dynamic risk control module. The system obtains the current system environment’s risk level through intrusion detection and risk assessment module, selects the targeted defense strategy from the strategy knowledge database according to the risk level, implements positive and active defense strategies, and then controls targeted risks of different types and levels to prevent the spread of the attack. Compared with the classic intrusion prevention system, of which once the rules are set, it will remain unchanged and cannot be dynamically adjusted, the system adopts different control strategies for different risk of network, and the control strategy can be flexibly and dynamically adjusted according to the change of network threat. The extended active and passive control methods enhance the systems capability to handle different types of attacks and the risk level. Thus, it is flexible, active and targeted to control the risk of network security.