Skip to main content
Article thumbnail
Location of Repository

Immune System Approaches to Intrusion Detection - A Review

By Jungwon Kim, Peter Bentley, Uwe Aickelin, Julie Greensmith, Gianni Tedesco and Jamie Twycross


The use of artificial immune systems in intrusion detection is an appealing concept for two reasons. Firstly, the human immune system provides the human body with a high level of protection from invading pathogens, in a robust, self-organised and distributed manner. Secondly, current techniques used in computer security are not able to cope with the dynamic and increasingly complex nature of computer systems and their security. It is hoped that biologically inspired approaches in this area, including the use of immune-based systems will be able to meet this challenge. Here we review the algorithms used, the development of the systems and the outcome of their implementation. We provide an introduction and analysis of the key developments within this field, in addition to making suggestions for future research

Publisher: Springer
Year: 2007
OAI identifier:
Provided by: Nottingham ePrints

Suggested articles


  1. (2004). A formal framework for positive and negative detection schemes. doi
  2. (2005). A machine learning evaluation of an artificial immune system. doi
  3. (1992). A neural network component for an intrusion detection system.
  4. (2003). A randomized real-valued negative selection algorithm.
  5. (2000). A revised taxonomy of intrusion-detection systems.
  6. (2003). A scaled, immunological approach to anomaly countermeasures (combining ph with cfengine). Integrated Network Management,
  7. (2004). A self-adaptive negative selection approach for anomaly detection.
  8. (2003). A Study of Artificial Immune Systems Applied to Anomaly Detection.
  9. (2003). An artificial immune system approach to misbehavior detection in mobile ad-hoc networks.
  10. (2002). An immunity-based technique to characterize intrusions in computer networks.
  11. (2003). An immuno-fuzzy approach to anomaly detection.
  12. (1996). An immunological approach to change detection: Theoretical results.
  13. (1996). An immunology approach to change detection: Algorithm, analysis and implications.
  14. (2002). An imunogenetic technique to detect anomalies in network traffic.
  15. (2004). An intrusion detection system using ideas from the immune system.
  16. (2005). and S.Ujin. Two ways to grow tissue for artificial immune systems.
  17. (2003). Anomaly detection using real-valued negative selection.
  18. (2002). Artificial Immune Systems: A New Computational Intelligence Approach.
  19. (2002). Combining negative selection and classification techniques for anomaly detection.
  20. (1998). Computer immunology.
  21. (2004). Configurable immunity for evolving human-computer systems.
  22. (2002). Coverage and generaliszation in an artificial immune system.
  23. (2003). Danger theory: The link between ais and ids.
  24. (2005). Discriminating and visualizing anomalies using negative selection and self-organizing maps.
  25. (2000). Evaluating cfegine's immunity model of site maintenance.
  26. (2001). Fusing a hetrogenous alert stream into scenarios.
  27. (2005). How do we evaluate artificial immune systems? doi
  28. (1999). Immunity-based intrusion detection systems: A general framework.
  29. Introducing dendritic cells as a novel immune inspired algorithm for anomaly detection.
  30. (1999). Intrusion detection systems: A survey and taxonomy.
  31. (2001). Mobile security agent for network traffic analysis.
  32. (2002). Negative selection: How to generate detectors.
  33. (2002). On the use of negative selection in an artificial immune system.
  34. (1999). Parameter control in evolutionary algorithms. doi
  35. (2004). Principle components and importance ranking of distributed anomalies.
  36. (2006). Probabilistic anomaly detection in distributed computer networks.
  37. (2001). Recent developments in cfengine.
  38. (2002). Revisiting lisys: Parameters and normal behaviour.
  39. (1994). Self-nonself discrimination in a computer.
  40. (2003). The crossover closure and partial match detection.
  41. (2002). The danger theory and its application to ais.
  42. (2003). The effect of binary matching rules in negative selection.
  43. (1986). The immune system, adaptation and machine learning. doi
  44. (2002). Two dimensional time-series for anomaly detection and regulation in adaptive systems.
  45. (2004). Twycross “Immune System Approaches to Intrusion Detection - A Review”.
  46. (1998). Uci repository of machine learning databases.,
  47. (2005). Unsupervised anomaly detection based on an evolutionary artificial immune network. In
  48. (2004). Vulnerability analysis of immunity-based intrusion detection systems using evolutionary hackers. In doi
  49. (2000). Zuben. An evolutionary immune network for data clustering.

To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.