An artificial immune system architecture for computer security applications

With increased global interconnectivity and reliance on e-commerce, network services and Internet communication, computer security has become a necessity. Organizations must protect their systems from intrusion and computer virus attacks. Such protection must detect anomalous patterns by exploiting known signatures while monitoring normal computer programs and network usage for abnormalities. Current anti-virus and network intrusion detection (ID) solutions can become overwhelmed by the burden of capturing and classifying new viral strains and intrusion patterns. To overcome this problem, a self-adaptive distributed agent-based defense immune system based on biological strategies is developed within a hierarchical layered architecture. A prototype interactive system is designed, implemented in Java and tested. The results validate the use of a distributed-agent biological system approach toward the computer security problems of virus elimination and ID.
