An immuno-fuzzy approach to anomaly detection

This paper presents a new technique for generating a set of fuzzy rules that can characterize the non-self space (abnormal) using only self (normal) samples. Because, fuzzy logic can provide a better characterization of the boundary between normal and abnormal, it can increase the accuracy in solving the anomaly detection problem. Experiments with synthetic and real data sets are performed in order to show the applicability of the proposed approach and also to compare with other works reported in the literature.

[1]  Dipankar Dasgupta,et al.  Novelty detection in time series data using ideas from immunology , 1996 .

[2]  Peter J. Bentley,et al.  An evaluation of negative selection in an artificial immune system for network intrusion detection , 2001 .

[3]  Yoshikiyo Kato,et al.  Fault Detection by Mining Association Rules from House-keeping Data , 2001 .

[4]  Fabio A. González,et al.  An immunity-based technique to characterize intrusions in computer networks , 2002, IEEE Trans. Evol. Comput..

[5]  Dipankar Dasgupta,et al.  An Anomaly Entection Algorithm Inspired by the Immune Syste , 1999 .

[6]  Fabio A. González,et al.  An Imunogenetic Technique To Detect Anomalies In Network Traffic , 2002, GECCO.

[7]  Ron Kohavi,et al.  The Case against Accuracy Estimation for Comparing Induction Algorithms , 1998, ICML.

[8]  Stephanie Forrest,et al.  Architecture for an Artificial Immune System , 2000, Evolutionary Computation.

[9]  Patrick K. Simpson,et al.  Fuzzy min-max neural networks. I. Classification , 1992, IEEE Trans. Neural Networks.

[10]  Samir W. Mahfoud Crowding and Preselection Revisited , 1992, PPSN.

[11]  Jonatan Gómez,et al.  Evolving Fuzzy Classifiers for Intrusion Detection , 2002 .

[12]  D. Fogel,et al.  Discovering patterns in spatial data using evolutionary programming , 1996 .

[13]  Carlos A. Coello Coello,et al.  A parallel implementation of an artificial immune system to handle constraints in genetic algorithms: preliminary results , 2002, IEEE Congress on Evolutionary Computation.

[14]  Dipankar Dasgupta,et al.  Tool Breakage Detection in Milling Operations using a Negative-Selection Algorithm , 1995 .

[15]  D. Dasgupta,et al.  A MORE BIOLOGICALLY MOTIVATED GENETIC ALGORITHM: THE MODEL AND SOME RESULTS , 1994 .

[16]  Jeffrey O. Kephart,et al.  A biologically inspired immune system for computers , 1994 .

[17]  Andrew M. Tyrrell Computer Know Thy Self!: A Biological Way to Look at Fault-Tolerance , 1999, EUROMICRO.

[18]  Dorothy E. Denning,et al.  An Intrusion-Detection Model , 1986, 1986 IEEE Symposium on Security and Privacy.

[19]  D. Dasgupta,et al.  Combining negative selection and classification techniques for anomaly detection , 2002, Proceedings of the 2002 Congress on Evolutionary Computation. CEC'02 (Cat. No.02TH8600).

[20]  A.M. Tyrell,et al.  Computer know thy self!: a biological way to look at fault-tolerance , 1999, Proceedings 25th EUROMICRO Conference. Informatics: Theory and Practice for the New Millennium.

[21]  Salvatore J. Stolfo,et al.  Data Mining Approaches for Intrusion Detection , 1998, USENIX Security Symposium.

[22]  Patrick K. Simpson,et al.  Fuzzy min-max neural networks - Part 2: Clustering , 1993, IEEE Trans. Fuzzy Syst..

[23]  Alan S. Perelson,et al.  Self-nonself discrimination in a computer , 1994, Proceedings of 1994 IEEE Computer Society Symposium on Research in Security and Privacy.

[24]  Salvatore J. Stolfo,et al.  Using artificial anomalies to detect unknown and known network intrusions , 2001, Proceedings 2001 IEEE International Conference on Data Mining.

[25]  Eamonn J. Keogh,et al.  Finding surprising patterns in a time series database in linear time and space , 2002, KDD.

[26]  Ralph R. Martin,et al.  A Sequential Niche Technique for Multimodal Function Optimization , 1993, Evolutionary Computation.

[27]  D. Dasgupta Artificial Immune Systems and Their Applications , 1998, Springer Berlin Heidelberg.

[28]  P. K. Simpson,et al.  Fuzzy min-max neural networks , 1991, [Proceedings] 1991 IEEE International Joint Conference on Neural Networks.

[29]  Richard P. Lippmann,et al.  1999 DARPA Intrusion Detection Evaluation: Design and Procedures , 2001 .

[30]  Dipankar Dasgupta An Overview of Artificial Immune Systems and Their Applications , 1993 .