Abstract: A new method is proposed against the limited capacity in making real-time intrusion prevention efficiently for high-speed network, that is the intrusion prevension algorithm based on immune principle, combining of the artificial immune principle and data-distribution technology.In the research on negative selection algorithm, the vaccine operator and positive selection operator are introduced to the algorithm.Owing to the new algorithm, self-learning ability of antibody bank gets enhanced and the time needed for secondary response is reduced, so that the efficiency of system gets greatly improved.After the analysis of data-distribution technology and negative selection algorithm, the intrusion prevension system based on immune principle is established.Simulation results show the effectiveness of the algorithm.