Vulnerability analysis of immunity-based intrusion detection systems using genetic and evolutionary hackers

Artificial immune systems (AISs) are biologically inspired problem solvers that have been used successfully as intrusion detection systems (IDSs). In this paper, we compare a genetic hacker with 12 evolutionary hackers based on particle swarm optimization (PSO) that have been effectively used as vulnerability analyzers (red teams) for AIS-based IDSs. Our results show that the PSO-based red teams that use Clerc's constriction coefficient outperform those that do not. Our results also show that the three types of red teams (genetic, basic PSO, and PSO with the constriction coefficient) have distinct search behaviors that are complementary.
