A secondary immune response based on co-evolutive populations of agents for anomaly detection and characterization

The detection of anomalies in unknown environments is a problem that has been approached from different perspectives with variable results. Artificial Immune Systems (AIS) present particularly advantageous characteristics for the detection of such anomalies. This research builds on an existing detector model, the Artificial Bioindicators System (ABS), and identifies and solves its main weaknesses. An ABS-based anomaly classifier model is presented that incorporates elements of AIS. In this way, a new model (R-ABS) is developed which combines the advantageous capabilities of an ABS with the reactive capabilities of an AIS to overcome the weaknesses and disadvantages of ABS. The R-ABS model was tested using the well-known DARPA’98 dataset, plus a dataset built to carry out a greater number of experiments. The performance of the R-ABS model was compared to that of the ABS model using classical sensitivity and specificity metrics, plus a response time metric to illustrate the rapid response of R-ABS relative to ABS. The results showed a better performance of R-ABS, especially in terms of detection time.
