Further Experimentation with Hybrid Immune Inspired Network Intrusion Detection

This paper presents continued experimentation on the Network Threat Recognition with Immune Inspired Anomaly Detection, or NetTRIIAD, model. This hybrid model combines established network monitoring methods with artificial immune system methods to achieve improved performance. The paper presents experiments investigating the model's performance in detecting novel threats and the performance contribution of the individual components.
