A Novel Multi-layered Immune Network Intrusion Detection Defense Model: MINID

Today network security has become an everyday problem with virtually all computers connected to the Internet. Intrusion detection serves the important function of identifying malicious activities and determining their nature, origin, and seriousness. Inspired by the many excellent characteristics of biological immune System (BIS), the network intrusion detection system (NIDS) which based on artificial immune system (AIS) has become one of the focus of the intelligent NIDS research and achieved many good results in the past studies. However, there are still many problems existed in traditional AIS-based NIDS, such as low detector generation efficiency, low detection true positive rate and high detection false positive rate, etc. Currently, the AIS-based NIDS mainly learn from the adaptive immune mechanism of BIS, but ignoring the rapid response and co-stimulatory mechanism of the innate immune of BIS, thus cause these problems discussed above. In this paper, we combine the innate and adaptive immune mechanisms in BIS and map them to AIS, and propose a novel multilayered immune network intrusion detection model (MINID) which based on pattern recognition receptor (PRR) theory. Theoretical analysis shows that the MINID model effectively integrates the misuse detection and anomaly detection technologies to quickly respond to known network intrusion attacks and discover unknown network intrusion attacks in network intrusion detection application.

[1]  Jonathan Timmis,et al.  Theoretical advances in artificial immune systems , 2008, Theor. Comput. Sci..

[2]  Zhou Ji,et al.  V-detector: An efficient negative selection algorithm with "probably adequate" detector coverage , 2009, Inf. Sci..

[3]  Julie Greensmith,et al.  Information fusion for anomaly detection with the dendritic cell algorithm , 2010, Inf. Fusion.

[4]  Julie Greensmith,et al.  Sensing Danger: Innate Immunology for Intrusion Detection , 2007, Inf. Secur. Tech. Rep..

[5]  Jamie Paul Twycross,et al.  Integrated innate and adaptive artificial immune systems applied to process anomaly detection , 2007 .

[6]  Claudia Eckert,et al.  Is negative selection appropriate for anomaly detection? , 2005, GECCO '05.

[7]  Carl Marcus Wallenburg,et al.  Dealing with supply chain risks , 2012 .

[8]  Stephanie Forrest,et al.  Infect Recognize Destroy , 1996 .

[9]  Uwe Aickelin,et al.  Biological Inspiration for Artificial Immune Systems , 2007, ICARIS.

[10]  Dipankar Dasgupta,et al.  Artificial immune systems in industrial applications , 1999, Proceedings of the Second International Conference on Intelligent Processing and Manufacturing of Materials. IPMM'99 (Cat. No.99EX296).

[11]  Uwe Aickelin,et al.  Danger Theory: The Link between AIS and IDS? , 2003, ICARIS.

[12]  C. Janeway Approaching the asymptote? Evolution and revolution in immunology. , 1989, Cold Spring Harbor symposia on quantitative biology.

[13]  Claudia Eckert,et al.  A Comparative Study of Real-Valued Negative Selection to Statistical Anomaly Detection Techniques , 2005, ICARIS.

[14]  Julie Greensmith,et al.  Detecting Danger: The Dendritic Cell Algorithm , 2010, ArXiv.

[15]  Kevin P. Anchor,et al.  CDIS: Towards a Computer Immune System for Detecting Network Intrusions , 2001, Recent Advances in Intrusion Detection.

[16]  Jon Timmis,et al.  A Multi-Layered Immune Inspired Approach to Data Mining , 2003 .

[17]  Carl Marcus Wallenburg,et al.  Dealing with supply chain risks Linking risk management practices and strategies to performance , 2017 .

[18]  Claudia Eckert,et al.  On the appropriateness of negative selection defined over Hamming shape-space as a network intrusion detection system , 2005, 2005 IEEE Congress on Evolutionary Computation.

[19]  Fernando José Von Zuben,et al.  Learning and optimization using the clonal selection principle , 2002, IEEE Trans. Evol. Comput..

[20]  Xuefeng Zheng,et al.  Multi-layer Intrusion Detection and Defence Mechanisms Based on Immunity , 2008, 2008 Second International Conference on Genetic and Evolutionary Computing.

[21]  Charles A. Janeway,et al.  Decoding the Patterns of Self and Nonself by the Innate Immune System , 2002, Science.

[22]  J. Lindsten,et al.  The Nobel Prize in Physiology or Medicine , 2001 .

[23]  Stephanie Forrest,et al.  Architecture for an Artificial Immune System , 2000, Evolutionary Computation.

[24]  George Lawton On the Trail of the Conficker Worm , 2009, Computer.

[25]  Hilarie K. Orman,et al.  The Morris Worm: A Fifteen-Year Perspective , 2003, IEEE Secur. Priv..

[26]  Emin Anarim,et al.  An intelligent intrusion detection system (IDS) for anomaly and misuse detection in computer networks , 2005, Expert Syst. Appl..

[27]  Petr Musílek,et al.  Immune programming , 2006, Inf. Sci..

[28]  Uwe Aickelin,et al.  Information fusion in the immune system , 2010, Inf. Fusion.

[29]  Fabio A. González,et al.  Anomaly Detection Using Real-Valued Negative Selection , 2003, Genetic Programming and Evolvable Machines.

[30]  Alan S. Perelson,et al.  Self-nonself discrimination in a computer , 1994, Proceedings of 1994 IEEE Computer Society Symposium on Research in Security and Privacy.

[31]  Zhou Ji,et al.  Negative selection algorithms: from the thymus to v-detector , 2006 .