A multi-layer network defense system using artificial immune system

Artificial immune systems are computational intelligent systems inspired by human biological immune systems. The biological immune system can detect and defend the human body against different kinds of intruders. These systems are distributed, adaptive and multilayered in nature, and the proposed artificial immune system incorporates these powerful and diverse set of characteristics in designing a network security system. Recent advances in biological immune systems showed that the innate part of the system plays a greater role than previously thought. In this paper, this recent development is the corner stone of the new multi-layer model of artificial immune systems. We describe a work in progress to construct a multi-layered defense system composed of two main layers, innate and adaptive layers. This paper describes the multi-layered system layers and components, gives a detailed justification and design considerations of the system components, and shows first results from the innate layer of the system. The preliminary results show that about 70% of the traffic can be dealt with before entering the adaptive layer of the immune system.

[1]  Cheng Zhang,et al.  Network Intrusion Active Defense Model Based on Artificial Immune System , 2008, 2008 Fourth International Conference on Natural Computation.

[2]  Uwe Aickelin,et al.  Towards a Conceptual Framework for Innate Immunity , 2005, ICARIS.

[3]  Robert J. Boncella,et al.  Fuzzy Logic: An Introduction , 1995 .

[4]  S. Pillai,et al.  Innate immunity. , 1996, Current opinion in immunology.

[5]  Pascal Bouvry,et al.  Anomaly detection in TCP/IP networks using immune systems paradigm , 2007, Comput. Commun..

[6]  Leandro Nunes de Castro,et al.  Artificial Immune Systems: Part I-Basic Theory and Applications , 1999 .

[7]  Tansu Alpcan,et al.  A Cooperative AIS Framework for Intrusion Detection , 2007, 2007 IEEE International Conference on Communications.

[8]  Uwe Aickelin,et al.  libtissue - implementing innate immunity , 2006, 2006 IEEE International Conference on Evolutionary Computation.

[9]  Adetunmbi A. Olusola,et al.  Analysis of KDD '99 Intrusion Detection Dataset for Selection of Relevance Features , 2010 .

[10]  Qing-Hua Zhang,et al.  An Immunity-Based Technical Research into Network Intrusion Detection , 2008, 2008 International Conference on Computer Science and Software Engineering.

[11]  Ulrich Ultes-Nitsche,et al.  Immune System Based Intrusion Detection System , 2008, ISSA.

[12]  D. Dasgupta,et al.  Advances in artificial immune systems , 2006, IEEE Computational Intelligence Magazine.

[13]  Vishwas Sharma,et al.  Usefulness of DARPA dataset for intrusion detection system evaluation , 2008, SPIE Defense + Commercial Sensing.

[14]  D. Dasgupta,et al.  A formal model of an artificial immune system. , 2000, Bio Systems.

[15]  Jun He,et al.  A hybrid artificial immune system and Self Organising Map for network intrusion detection , 2008, Inf. Sci..

[16]  Ali A. Ghorbani,et al.  A detailed analysis of the KDD CUP 99 data set , 2009, 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications.

[17]  Peter A. Whigham,et al.  Innate and Adaptive Principles for an Artificial Immune System , 2006, SEAL.

[18]  Roger L. King,et al.  An artificial immune system model for intelligent agents , 2001, Future Gener. Comput. Syst..

[19]  Mu-Chun Su,et al.  A New Approach to Artificial Immune Systems and its Application in Constructing On-line Learning Neuro-Fuzzy Systems , 2008 .

[20]  Jonathan Timmis,et al.  Application Areas of AIS: The Past, The Present and The Future , 2005, ICARIS.

[21]  Peter J. Bentley,et al.  The Human Immune System and Network Intrusion Detection , 1999 .

[22]  Yakov Rekhter,et al.  Address Allocation for Private Internets , 1994, RFC.

[23]  Stephanie Forrest,et al.  Immunity by design: an artificial immune system , 1999 .

[24]  Hongxia Xie,et al.  Notice of Violation of IEEE Publication PrinciplesAn Intrusion Detection Architecture for Ad Hoc Network Based on Artificial Immune System , 2006, 2006 Seventh International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT'06).

[25]  Gregg H. Gunsch,et al.  An artificial immune system architecture for computer security applications , 2002, IEEE Trans. Evol. Comput..