Applying Artificial Immune System for Intrusion Detection

This paper investigates the approaches of using an analogy of the Human Immune System (HIS) to create an Artificial Immune System (AIS) based Intrusion Detection System (IDS). The two most popular AIS generating algorithms, Negative and Clonal Selection were explored and tested on the NSL-KDD dataset with different sets of features and different numbers of detectors. The experiments show that the Negative Selection Algorithm (NSA) and the Clonal Selection Algorithm (CSA) show a severe scaling issue when handling real network traffic.

[1]  Simon M. Garrett,et al.  How Do We Evaluate Artificial Immune Systems? , 2005, Evolutionary Computation.

[2]  Fernando Niño,et al.  A Framework for Evolving Multi-Shaped Detectors in Negative Selection , 2007, 2007 IEEE Symposium on Foundations of Computational Intelligence.

[3]  Zhou Ji,et al.  Revisiting Negative Selection Algorithms , 2007, Evolutionary Computation.

[4]  Ali A. Ghorbani,et al.  A detailed analysis of the KDD CUP 99 data set , 2009, 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications.

[5]  F. Azuaje Artificial Immune Systems: A New Computational Intelligence Approach , 2003 .

[6]  Leandro Nunes de Castro,et al.  Artificial Immune Systems: Part I-Basic Theory and Applications , 1999 .

[7]  Fabio A. González,et al.  The Effect of Binary Matching Rules in Negative Selection , 2003, GECCO.

[8]  Rogério de Lemos,et al.  Negative Selection: How to Generate Detectors , 2002 .

[9]  Peter J. Bentley,et al.  The Human Immune System and Network Intrusion Detection , 1999 .

[10]  Fabio A. González,et al.  Anomaly Detection Using Real-Valued Negative Selection , 2003, Genetic Programming and Evolvable Machines.

[11]  Alan S. Perelson,et al.  Self-nonself discrimination in a computer , 1994, Proceedings of 1994 IEEE Computer Society Symposium on Research in Security and Privacy.

[12]  Feng Wang,et al.  A Survey of Artificial Immune System Based Intrusion Detection , 2014, TheScientificWorldJournal.

[13]  Reza Azmi,et al.  MAIS-IDS: A distributed intrusion detection system using multi-agent AIS approach , 2014, Eng. Appl. Artif. Intell..

[14]  Gilbert L. Peterson,et al.  An evolutionary algorithm to generate hyper-ellipsoid detectors for negative selection , 2005, GECCO '05.

[15]  Gilbert L. Peterson,et al.  An Evolutionary Algorithm to Generate Ellipsoid Detectors for Negative Selection , 2012 .

[16]  Stephanie Forrest,et al.  Immunity by design: an artificial immune system , 1999 .

[17]  Patrik D'haeseleer,et al.  An immunological approach to change detection: theoretical results , 1996, Proceedings 9th IEEE Computer Security Foundations Workshop.

[18]  Jérôme Darmont,et al.  Adaptive Network Intrusion Detection Learning: Attribute Selection and Classification , 2009 .

[19]  Stephanie Forrest,et al.  A sense of self for Unix processes , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[20]  Peter J. Bentley,et al.  An evaluation of negative selection in an artificial immune system for network intrusion detection , 2001 .

[21]  F. von Zuben,et al.  An evolutionary immune network for data clustering , 2000, Proceedings. Vol.1. Sixth Brazilian Symposium on Neural Networks.