An immunity-based time series prediction approach and its application for network security situation

To effectively improve the prediction precision of network security situation and prevent the large-scale network security attacks, an immunity-based time series prediction approach for network security situation (ITSPA) is proposed. In ITSPA, the concepts and formal definitions of antigen, antibody and affinity used for predicting network security situation are given; and meanwhile, the mathematical models of antibody evolution operators used for establishing the prediction model of network security situation are shown. For the time series of network security situation, its chaotic characteristics are analyzed and the corresponding sample space is reconstructed by phase space reconstruction method; then, the corresponding prediction model is constructed by artificial immune mechanism; finally, this prediction model is used for predicting the time series of network security situation. To demonstrate the predicting effectiveness of ITSPA, four typical time series (namely real-time network probe situation, real-time network situation, short-term network probe situation and short-term network situation) obtained from DARPA 1999 data set and long-term network security situation time series obtained from HoneyNet Project data set are used for simulating experiments. The experimental results show that ITSPA is an effective prediction approach for the time series of network security situation.

[1]  Jun Zhang,et al.  Virus spreading model based on degree correlation and its analysis , 2014 .

[2]  Chung-Ming Ou,et al.  Host-based intrusion detection systems adapted from agent-based artificial immune systems , 2012, Neurocomputing.

[3]  Wei Yong A Network Security Situational Awareness Model Based on Log Audit and Performance Correction , 2009 .

[4]  Günter Rudolph,et al.  Convergence analysis of canonical genetic algorithms , 1994, IEEE Trans. Neural Networks.

[5]  Manoj Kumar Tiwari,et al.  Fast clonal algorithm , 2008, Eng. Appl. Artif. Intell..

[6]  Qian Liu,et al.  Weighted least squares support vector machine local region method for nonlinear time series prediction , 2010, Appl. Soft Comput..

[7]  Alan S. Perelson,et al.  Self-nonself discrimination in a computer , 1994, Proceedings of 1994 IEEE Computer Society Symposium on Research in Security and Privacy.

[8]  Jonathan Timmis,et al.  Theoretical advances in artificial immune systems , 2008, Theor. Comput. Sci..

[9]  Yong Wei,et al.  A Network Security Situational Awareness Model Based on Log Audit and Performance Correction: A Network Security Situational Awareness Model Based on Log Audit and Performance Correction , 2009 .

[10]  Andrzej Cichocki,et al.  Neural networks for optimization and signal processing , 1993 .

[11]  Hu Dai Studies on applying artificial neural networks to some forecasting problems , 1999 .

[12]  M. Rosenstein,et al.  A practical method for calculating largest Lyapunov exponents from small data sets , 1993 .

[13]  George G. Szpiro Forecasting chaotic time series with genetic algorithms , 1997 .

[14]  Mica R. Endsley,et al.  Design and Evaluation for Situation Awareness Enhancement , 1988 .

[15]  J. Salas,et al.  Nonlinear dynamics, delay times, and embedding windows , 1999 .

[16]  Guan Xiaohong,et al.  Quantitative Hierarchical Threat Evaluation Model for Network Security , 2006 .

[17]  John W. Kimball,et al.  Introduction to immunology , 1983 .

[18]  Lutgarde M. C. Buydens,et al.  Using support vector machines for time series prediction , 2003 .

[19]  Tao Li,et al.  An immunity based network security risk estimation , 2005, Science in China Series F: Information Sciences.

[20]  Sadan Kulturel-Konak,et al.  A review of clonal selection algorithm and its applications , 2011, Artificial Intelligence Review.

[21]  Jonathan Timmis,et al.  Artificial immune systems - a new computational intelligence paradigm , 2002 .

[22]  James P. Crutchfield,et al.  Geometry from a Time Series , 1980 .

[23]  Alfred V. Aho,et al.  Data Structures and Algorithms , 1983 .

[24]  Feixian Sun Artificial Immune Danger Theory Based Model for Network Security Evaluation , 2011, J. Networks.

[25]  Arash Miranian,et al.  Developing a Local Least-Squares Support Vector Machines-Based Neuro-Fuzzy Model for Nonlinear and Chaotic Time Series Prediction , 2013, IEEE Transactions on Neural Networks and Learning Systems.

[26]  Jonathan Timmis,et al.  Artificial Immune Systems: A New Computational Intelligence Approach , 2003 .

[27]  Richard Lippmann,et al.  The 1999 DARPA off-line intrusion detection evaluation , 2000, Comput. Networks.

[28]  F. Takens Detecting strange attractors in turbulence , 1981 .

[29]  A. Vannucci,et al.  Using artificial neural networks to forecast chaotic time series , 2000 .

[30]  Tim Bass,et al.  Intrusion detection systems and multisensor data fusion , 2000, CACM.

[31]  Mehmet Karaköse,et al.  A multi-objective artificial immune algorithm for parameter optimization in support vector machine , 2011, Appl. Soft Comput..

[32]  Yangyang Li,et al.  Change detection in SAR images by artificial immune multi-objective clustering , 2014, Eng. Appl. Artif. Intell..

[33]  Stephen Lau,et al.  The Spinning Cube of Potential Doom , 2004, CACM.

[34]  L. Jiao,et al.  Immune secondary response and clonal selection inspired optimizers , 2009 .

[35]  A. George,et al.  Receptor editing during affinity maturation. , 1999, Immunology today.

[36]  Ying Liang,et al.  WNN-Based Network Security Situation Quantitative Prediction Method and Its Optimization , 2008, Journal of Computer Science and Technology.