Current network protection systems use a collection of intelligent components
- e.g. classifiers or rule-based firewall systems to detect intrusions and
anomalies and to secure a network against viruses, worms, or trojans. However,
these network systems rely on individuality and support an architecture with
less collaborative work of the protection components. They give less
administration support for maintenance, but offer a large number of individual
single points of failures - an ideal situation for network attacks to succeed.
In this work, we discuss the required features, the performance, and the
problems of a distributed protection system called SANA. It consists of a
cooperative architecture, it is motivated by the human immune system, where the
components correspond to artificial immune cells that are connected for their
collaborative work. SANA promises a better protection against intruders than
common known protection systems through an adaptive self-management while
keeping the resources efficiently by an intelligent reduction of redundant
tasks. We introduce a library of several novel and common used protection
components and evaluate the performance of SANA by a proof-of-concept
implementation.Comment: 5 page