An Immune Inspired Approach to Anomaly Detection
The immune system provides a rich metaphor for computer security: anomaly
detection that works in nature should work for machines. However, early
artificial immune system approaches for computer security had only limited
success. Arguably, this was due to these artificial systems being based on too
simplistic a view of the immune system. We present here a second generation
artificial immune system for process anomaly detection. It improves on earlier
systems by having different artificial cell types that process information.
Following detailed information about how to build such second generation
systems, we find that communication between cell types is key to performance.
Through realistic testing and validation we show that second generation
artificial immune systems are capable of anomaly detection beyond generic
system policies. The paper concludes with a discussion and outline of the next
steps in this exciting area of computer security.
Comment: 19 pages, 4 tables, 2 figures, Handbook of Research on Information
Security and Assurance
Artificial Immune Systems - Models, algorithms and applications
Copyright © 2010 Academic Research Publishing Agency. This article has been made available through the Brunel Open Access Publishing Fund.
Artificial Immune Systems (AIS) are computational paradigms that belong to the computational intelligence family and are inspired by the biological immune system. During the past decade, they have attracted a lot of interest from researchers aiming to develop immune-based models and techniques to solve complex computational or engineering problems. This work presents a survey of existing AIS models and algorithms with a focus on the last five years.
Information Fusion for Anomaly Detection with the Dendritic Cell Algorithm
Dendritic cells are antigen presenting cells that provide a vital link
between the innate and adaptive immune system, providing the initial detection
of pathogenic invaders. Research into this family of cells has revealed that
they perform information fusion which directs immune responses. We have derived
a Dendritic Cell Algorithm based on the functionality of these cells, by
modelling the biological signals and differentiation pathways to build a
control mechanism for an artificial immune system. We present algorithmic
details in addition to experimental results, when the algorithm was applied to
anomaly detection for the detection of port scans. The results show the
Dendritic Cell Algorithm is successful at detecting port scans.
Comment: 21 pages, 17 figures, Information Fusion
BIOLOGICAL INSPIRED INTRUSION PREVENTION AND SELF-HEALING SYSTEM FOR CRITICAL SERVICES NETWORK
With the explosive development of critical services network systems and the Internet, the need for network security systems has become even more critical as information technology expands in everyday life. An Intrusion Prevention System (IPS) provides an in-line mechanism focused on identifying and blocking malicious network activity in real time. This thesis presents a new intrusion prevention and self-healing (SH) system for critical services network security. The design features of the proposed system are inspired by the human immune system, integrated with a pattern recognition nonlinear classification algorithm and machine learning. Firstly, current intrusion prevention systems, biological innate and adaptive immune systems, autonomic computing and self-healing mechanisms are studied and analyzed. The importance of intrusion prevention systems recommends that artificial immune systems (AIS) incorporate abstraction models from the innate and adaptive immune systems, pattern recognition, machine learning and self-healing mechanisms to present an autonomous IPS with fast and highly accurate detection and prevention performance and survivability for critical services network systems. Secondly, a specification language, system design, and mathematical and computational models for the IPS and SH system are established, based upon nonlinear classification, prevention predictability trust, analysis, self-adaptation and self-healing algorithms. Finally, the system is validated by simulation tests, measurement, benchmarking and comparative studies. New benchmarking metrics for detection capabilities, prevention predictability trust and self-healing reliability are introduced as contributions to the measurement and validation of the IPS and SH system.
The software system, design theories, AIS features, new nonlinear classification algorithm, and self-healing system show how the presented systems can ensure safety for critical services networks and heal the damage caused by intrusion. This autonomous system improves the performance of the current intrusion prevention system and maintains system continuity by using a self-healing mechanism.
Information Fusion in the Immune System
Biologically-inspired methods such as evolutionary algorithms and neural
networks are proving useful in the field of information fusion. Artificial
Immune Systems (AISs) are a biologically-inspired approach which takes
inspiration from the biological immune system. Interestingly, recent research
has shown how AISs which use multi-level information sources as input data can
be used to build effective algorithms for real time computer intrusion
detection. This research is based on biological information fusion mechanisms
used by the human immune system and as such might be of interest to the
information fusion community. The aim of this paper is to present a summary of
some of the biological information fusion mechanisms seen in the human immune
system, and of how these mechanisms have been implemented as AISs.
Comment: 10 pages, 6 tables, 6 figures, Information Fusion
Detecting Anomalous Process Behaviour using Second Generation Artificial Immune Systems
Artificial Immune Systems have been successfully applied to a number of
problem domains including fault tolerance and data mining, but have been shown
to scale poorly when applied to computer intrusion detection despite the fact
that the biological immune system is a very effective anomaly detector. This
may be because AIS algorithms have previously been based on the adaptive immune
system and biologically-naive models. This paper focuses on describing and
testing a more complex and biologically-authentic AIS model, inspired by the
interactions between the innate and adaptive immune systems. Its performance on
a realistic process anomaly detection problem is shown to be better than
standard AIS methods (negative-selection), policy-based anomaly detection
methods (systrace), and an alternative innate AIS approach (the DCA). In
addition, it is shown that runtime information can be used in combination with
system call information to enhance detection capability.
Comment: 26 pages, 4 tables, 2 figures, International Journal of
Unconventional Computing
Sensing Danger: Innate Immunology for Intrusion Detection
The immune system provides an ideal metaphor for anomaly detection in general
and computer security in particular. Based on this idea, artificial immune
systems have been used for a number of years for intrusion detection,
unfortunately so far with little success. However, these previous systems were
largely based on immunological theory from the 1970s and 1980s and over the
last decade our understanding of immunological processes has vastly improved.
In this paper we present two new immune inspired algorithms based on the latest
immunological discoveries, such as the behaviour of Dendritic Cells. The
resultant algorithms are applied to real world intrusion problems and show
encouraging results. Overall, we believe there is a bright future for these
next generation artificial immune algorithms.