8,746 research outputs found
Artificial Immune System with a Genetic Algorithm for a Host-based Intrusion Detection System
ABSTRACT: Even though technology is becoming more sophisticated, the threats are also becoming more varied, especially in system security. One of the ways to handle system and network security is the IDS (Intrusion Detection System). Intrusion detection systems have been widely developed, and one of the developments uses the Artificial Immune System (AIS) algorithm, which is adapted from the human immune system. The idea of using AIS for IDS is that an IDS is a system expected to detect anomalous intrusions or attacks that can harm the system, while AIS is adapted from the human immune system, which can detect and handle the viruses and bacteria that can harm the human body. This method is combined with the evolutionary processes of a genetic algorithm, such as crossover and mutation, to produce more optimal detectors. This system produces binary string rules, which are the detectors expected to detect attacks on the system.
Keywords: intrusion detection system, artificial immune system, genetic algorithm
Experiments with Applying Artificial Immune System in Network Attack Detection
The assurance of security within a network is difficult due to the variations of attacks. This research conducts various experiments to implement an Artificial Immune System based Intrusion Detection System to identify intrusions using the Negative Selection Algorithm. This research explores the implementation of an Artificial Immune System opposed to the industry standard of machine learning. Various experiments were conducted to identify a method to separate data to avoid false-positive results. The use of an Artificial Immune System requires a self and nonself classification to determine if an intrusion is present within the network. The results of an Artificial Immune System based Intrusion Detection System achieved high accuracy when the data records were separated by service. The Negative Selection Algorithm created a range and it provided detectors to determine if an intrusion was present based off of the threshold. The threshold is the number of detectors that must be triggered for the system to identify an intrusion. Many services were unusable as they did contain the requirement of both self and nonself data records, that did not overlap. The results were high accuracies in general for the remaining tested services
Toward Network-based DDoS Detection in Software-defined Networks
To combat susceptibility of modern computing systems to cyberattack, identifying and disrupting malicious traffic without human intervention is essential. To accomplish this, three main tasks for an effective intrusion detection system have been identified: monitor network traffic, categorize and identify anomalous behavior in near real time, and take appropriate action against the identified threat. This system leverages distributed SDN architecture and the principles of Artificial Immune Systems and Self-Organizing Maps to build a network-based intrusion detection system capable of detecting and terminating DDoS attacks in progress
An anomaly-based intrusion detection system based on artificial immune system (AIS) techniques
Two of the major approaches to intrusion detection are anomaly-based detection and signature-based detection. Anomaly-based approaches have the potential for detecting zero-day and other new forms of attacks. Despite this capability, anomaly-based approaches are comparatively less widely used when compared to signature-based detection approaches. Higher computational overhead, higher false positive rates, and lower detection rates are the major reasons for the same. This research has tried to mitigate this problem by using techniques from an area called the Artificial Immune Systems (AIS). AIS is a collusion of immunology, computer science and engineering and tries to apply a number of techniques followed by the human immune system in the field of computing. An AIS-based technique called negative selection is used. Existing implementations of negative selection algorithms have a polynomial worst-case run time for classification, resulting in huge computational overhead and limited practicality. This research implements a theoretical concept and achieves linear classification time. The results from the implementation are compared with that of existing Intrusion Detection Systems
Dendritic Cells for Anomaly Detection
Artificial immune systems, more specifically the negative selection
algorithm, have previously been applied to intrusion detection. The aim of this
research is to develop an intrusion detection system based on a novel concept
in immunology, the Danger Theory. Dendritic Cells (DCs) are antigen presenting
cells and key to the activation of the human immune system. DCs perform the
vital role of combining signals from the host tissue and correlate these
signals with proteins known as antigens. In algorithmic terms,
individual DCs perform multi-sensor data fusion based on time-windows. The
whole population of DCs asynchronously correlates the fused signals with a
secondary data stream. The behaviour of human DCs is abstracted to form the DC
Algorithm (DCA), which is implemented using an immune inspired framework,
libtissue. This system is used to detect context switching for a basic machine
learning dataset and to detect outgoing portscans in real-time. Experimental
results show a significant difference between an outgoing portscan and normal
traffic.
Comment: 8 pages, 10 tables, 4 figures, IEEE Congress on Evolutionary
Computation (CEC2006), Vancouver, Canada
Sensing Danger: Innate Immunology for Intrusion Detection
The immune system provides an ideal metaphor for anomaly detection in general
and computer security in particular. Based on this idea, artificial immune
systems have been used for a number of years for intrusion detection,
unfortunately so far with little success. However, these previous systems were
largely based on immunological theory from the 1970s and 1980s and over the
last decade our understanding of immunological processes has vastly improved.
In this paper we present two new immune inspired algorithms based on the latest
immunological discoveries, such as the behaviour of Dendritic Cells. The
resultant algorithms are applied to real world intrusion problems and show
encouraging results. Overall, we believe there is a bright future for these
next generation artificial immune algorithms
Dendritic Cells for Anomaly Detection
Artificial immune systems, more specifically the negative selection algorithm, have previously been applied to intrusion detection. The aim of this research is to develop an intrusion detection system based on a novel concept in immunology, the Danger Theory. Dendritic Cells (DCs) are antigen presenting cells and key to the activation of the human immune system. DCs perform the vital role of combining signals from the host tissue and correlate these signals with proteins known as antigens. In algorithmic terms, individual DCs perform multi-sensor data fusion based on time-windows. The whole population of DCs asynchronously correlates the fused signals with a secondary data stream. The behaviour of human DCs is abstracted to form the DC Algorithm (DCA), which is implemented using an immune inspired framework, libtissue. This system is used to detect context switching for a basic machine learning dataset and to detect outgoing portscans in real-time. Experimental results show a significant difference between an outgoing portscan and normal traffic.