An Ecological Approach to Anomaly Detection: The EIA Model

This work proposes a new approach to anomaly detection, based on changes in a population of evolving agents under stress. If conditions are appropriate, changes in the population (modeled by the bioindicators) are representative of the alterations to the environment. This approach, based on an ecological view, functionally improves on traditional approaches to the detection of anomalies. To verify this assertion, experiments based on Network Intrusion Detection Systems are presented. The results are compared with the behaviour of other bioinspired approaches and machine learning techniques.
