An Extended Negative Selection Algorithm for Anomaly Detection

This paper proposes an extended negative selection algorithm for anomaly detection. Unlike previously proposed negative selection algorithms which do not make use of non-self data, the extended negative selection algorithm first acquires prior knowledge about the characteristics of the Problem space from the historial sample data by using machine learning techniques. Such data consists of both self data and non-self data. The acquired prior knowledge is represented in the form of production rules and thus viewed as common schemata which characterise the two subspaces: self-subspace and non-self-subspace, and provide important information to the generation of detection rules. One advantage of our approach is that it does not rely on the structured representation of the data and can be applied to general anomaly detection. To test the effectiveness, we test our approach through experiments with the public data set iris and KDD’99 published data set.

[1]  Dipankar Dasgupta,et al.  Novelty detection in time series data using ideas from immunology , 1996 .

[2]  Stephanie Forrest,et al.  Architecture for an Artificial Immune System , 2000, Evolutionary Computation.

[3]  Fabio A. González,et al.  A Randomized Real-Valued Negative Selection Algorithm , 2003, ICARIS.

[4]  Gregg H. Gunsch,et al.  An artificial immune system architecture for computer security applications , 2002, IEEE Trans. Evol. Comput..

[5]  Alan S. Perelson,et al.  Self-nonself discrimination in a computer , 1994, Proceedings of 1994 IEEE Computer Society Symposium on Research in Security and Privacy.

[6]  Fabio A. González,et al.  An immunity-based technique to characterize intrusions in computer networks , 2002, IEEE Trans. Evol. Comput..

[7]  Zhou Ji,et al.  Artificial immune system (AIS) research in the last five years , 2003, The 2003 Congress on Evolutionary Computation, 2003. CEC '03..

[8]  Rogério de Lemos,et al.  Negative Selection: How to Generate Detectors , 2002 .

[9]  Fabio A. González,et al.  An immuno-fuzzy approach to anomaly detection , 2003, The 12th IEEE International Conference on Fuzzy Systems, 2003. FUZZ '03..

[10]  Steve Cayzer,et al.  An Immune-based Approach to Document Classification , 2003, IIS.

[11]  Peter J. Bentley,et al.  Negative selection and niching by an artificial immune system for network intrusion detection , 1999 .

[12]  Fernando José Von Zuben,et al.  Learning and optimization using the clonal selection principle , 2002, IEEE Trans. Evol. Comput..

[13]  Dipankar Dasgupta,et al.  Artificial immune systems in industrial applications , 1999, Proceedings of the Second International Conference on Intelligent Processing and Manufacturing of Materials. IPMM'99 (Cat. No.99EX296).