An Intrusion Detection and Prevention System Using AIS—An NK Cell-Based Approach

The widespread use of internet in key areas has increased unauthorized attacks in the network. Intrusion detection and prevention system detects as well as prevents the attacks on confidentiality, integrity, and availability of the system. In this paper, an Artificial Immune System based intrusion detection and prevention system is designed using artificial Natural Killer (NK) cells. Random NK cells are generated and negative selection algorithm is applied to eliminate self-identifying cells. These cells detect attacks on the network. High health value cells that detect a large number of attacks are proliferated into the network. When the proliferation reaches a threshold, the NK cells are migrated into the intrusion prevention system. So NK cells in IDS are in promiscuous mode and NK cells in IPS are in inline mode. The technique yields high detection rate, better accuracy and low response time.

[1]  Alan S. Perelson,et al.  Self-nonself discrimination in a computer , 1994, Proceedings of 1994 IEEE Computer Society Symposium on Research in Security and Privacy.

[2]  Dorothy E. Denning,et al.  An Intrusion-Detection Model , 1986, 1986 IEEE Symposium on Security and Privacy.

[3]  Reza Azmi,et al.  MAIS-IDS: A distributed intrusion detection system using multi-agent AIS approach , 2014, Eng. Appl. Artif. Intell..

[4]  F. Burnet The clonal selection theory of acquired immunity , 1959 .

[5]  Tao Li,et al.  Distributed agents model for intrusion detection based on AIS , 2009, Knowl. Based Syst..

[6]  Walmir M. Caminhas,et al.  Design of an Artificial Immune System for fault detection: A Negative Selection Approach , 2010, Expert Syst. Appl..

[7]  P. Matzinger The Danger Model: A Renewed Sense of Self , 2002, Science.

[8]  Ying Tan,et al.  Immune cooperation mechanism based learning framework , 2015, Neurocomputing.

[9]  Chung-Ming Ou,et al.  Host-based intrusion detection systems adapted from agent-based artificial immune systems , 2012, Neurocomputing.

[10]  Fernando José Von Zuben,et al.  Learning and optimization using the clonal selection principle , 2002, IEEE Trans. Evol. Comput..

[11]  Julie Greensmith,et al.  Introducing Dendritic Cells as a Novel Immune-Inspired Algorithm for Anomoly Detection , 2005, ICARIS.

[12]  I. Melero,et al.  Cellular liaisons of natural killer lymphocytes in immunology and immunotherapy of cancer , 2007, Expert opinion on biological therapy.

[13]  Stephanie Forrest,et al.  Infect Recognize Destroy , 1996 .

[14]  Jerne Nk Towards a network theory of the immune system. , 1974 .

[15]  Jun Fu,et al.  Bait a Trap: Introducing Natural Killer Cells to Artificial Immune System for Spyware Detection , 2012, ICARIS.

[16]  Tarek S. Sobh,et al.  A cooperative immunological approach for detecting network anomaly , 2011, Appl. Soft Comput..