Danger Theory Concepts Improving Malware Detection of Intrusion Detection Systems That Uses Exact Graphs

This paper describes the development of an intrusion detection system (IDS) that incorporates ideas from danger theory, which improves the IDS's performance compared with the same system without danger theory. Both systems use Exact Graphs to store the series of system calls in the database. Both the original and the enhanced IDS were first trained on a series of normal system calls. In the enhanced IDS, the system additionally responds to changes in hardware signals, which correspond to danger signals. Results of the comparison show that the danger-theory-enhanced system outperforms the original system.
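The abstract does not describe how the Exact Graph is built or how danger signals are combined with it, so the following is an added illustration, not the paper's code: it assumes the graph is a directed graph of system-call transitions observed in normal traces, that a danger signal is a large relative change in a monitored hardware metric, and that an unseen transition is escalated to an alert only when a danger signal accompanies it. The traces and metric values are constructed.

```python
from collections import defaultdict
from typing import Dict, Iterable, List, Set, Tuple

# Constructed sample traces of normal system-call sequences used for training.
NORMAL_TRACES: List[List[str]] = [
    ["open", "read", "read", "close"],
    ["open", "read", "write", "close"],
    ["socket", "connect", "write", "read", "close"],
]
# Constructed trace containing transitions never seen in training (via execve).
SUSPICIOUS_TRACE = ["open", "read", "execve", "close"]


def train_graph(traces: Iterable[List[str]]) -> Dict[str, Set[str]]:
    """Assumed reading of the paper's Exact Graph: a directed graph with one node per
    system call and an edge a -> b only if b directly followed a in a normal trace."""
    graph: Dict[str, Set[str]] = defaultdict(set)
    for trace in traces:
        for prev, nxt in zip(trace, trace[1:]):
            graph[prev].add(nxt)
    return dict(graph)


def unseen_transitions(graph: Dict[str, Set[str]], trace: List[str]) -> List[Tuple[str, str]]:
    """Every transition in the trace that the trained graph never observed."""
    return [(a, b) for a, b in zip(trace, trace[1:]) if b not in graph.get(a, set())]


def danger_signal(before: Dict[str, float], after: Dict[str, float], threshold: float = 0.5) -> bool:
    """Hypothetical danger signal: some monitored hardware metric (e.g. CPU load)
    changed by more than `threshold` relative to its earlier value."""
    for key, old in before.items():
        new = after.get(key, old)
        if abs(new - old) > threshold * max(abs(old), 1e-9):
            return True
    return False


def classify(graph, trace, hw_before, hw_after) -> str:
    """Hypothetical decision rule: an unseen transition alone is only 'suspicious';
    it becomes an 'alert' when a danger signal accompanies it."""
    anomalies = unseen_transitions(graph, trace)
    if not anomalies:
        return "normal"
    return "alert" if danger_signal(hw_before, hw_after) else "suspicious"
```

Without the danger gate every novel-but-benign sequence would raise a full alert; gating on the hardware change is what reduces that false-positive pressure in this reading of the approach.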
