On the negative selection and the danger theory inspired security for heterogeneous networks

Aspirations for a boundless communication paradigm for future generation networks have changed the conventional way of looking at network security. With such a vision, security techniques should not only be securing local end-users but also be protecting entire networks from malicious adversaries. Unfortunately, providing security protection for such gigantic networks is a very challenging task. Based on the analogous relationships of various cell interactions in a metabolic network and a complex heterogeneous network, we explore the possibilities of human immune system (HIS) inspired anomaly detection for protecting interworked heterogeneous networks. In light of this, the applicability of two key schools of thought on how the HIS detects anomalies; namely, the Negative Selection (NS) and the Danger Theory (DT) are discussed in this article. While the NS theory is the traditional understanding of anomaly detection in the HIS, the DT is a radical new concept that challenges the main fundamentals of the NS theory, which is currently being hotly debated among immunologists. Based on this, the article highlights the applicability and the limitations of these two theories in detecting malicious anomalies in heterogeneous networks. From our analysis, we establish a doctrine that the DT outperforms its counterpart (the NS theory) in detecting anomalies in a complex heterogeneous network. Our analysis also indicates that the DT inspired anomaly detection is efficient in detecting malicious network adversaries and updating network segments that are under attack, thereby increasing the survivability of heterogeneous networks.

[1]  Albert,et al.  Emergence of scaling in random networks , 1999, Science.

[2]  Julie Greensmith,et al.  DCA for bot detection , 2008, 2008 IEEE Congress on Evolutionary Computation (IEEE World Congress on Computational Intelligence).

[3]  Alan S. Perelson,et al.  Self-nonself discrimination in a computer , 1994, Proceedings of 1994 IEEE Computer Society Symposium on Research in Security and Privacy.

[4]  Stephanie Forrest,et al.  Architecture for an Artificial Immune System , 2000, Evolutionary Computation.

[5]  Mark Burgess,et al.  Probabilistic anomaly detection in distributed computer networks , 2006, Sci. Comput. Program..

[6]  Hong Zhao,et al.  Self-similar traffic prediction using least mean kurtosis , 2003, Proceedings ITCC 2003. International Conference on Information Technology: Coding and Computing.

[7]  Uwe Aickelin,et al.  Cooperative Automated Worm Response and Detection ImmuNe ALgorithm(CARDINAL) Inspired by T-Cell Immunity and Tolerance , 2005, ICARIS.

[8]  Falko Dressler Bio-inspired Promoters and Inhibitors for Self-Organized Network Security Facilities , 2006, 2006 1st Bio-Inspired Models of Network, Information and Computing Systems.

[9]  Li Tao,et al.  A self-adaptive negative selection algorithm used for anomaly detection , 2009 .

[10]  Jeffrey O. Kephart,et al.  A biologically inspired immune system for computers , 1994 .

[11]  Yiwen Liang,et al.  A Double Layers Detection for DoS Based on the Danger Theory , 2009, 2009 International Conference on Computer Modeling and Simulation.

[12]  Jonathan Timmis,et al.  Artificial Immune Systems: A New Computational Intelligence Approach , 2003 .

[13]  Abbas Jamalipour,et al.  On designing issues of the next generation mobile network , 2007, IEEE Network.

[14]  Kang G. Shin,et al.  Change-point monitoring for the detection of DoS attacks , 2004, IEEE Transactions on Dependable and Secure Computing.

[15]  P. Matzinger Tolerance, danger, and the extended family. , 1994, Annual review of immunology.

[16]  A. Jamalipour,et al.  Detection of DoS and DDoS attacks in NGMN using frequency domain analysis , 2008, 2008 14th Asia-Pacific Conference on Communications.

[17]  Farhoud Hosseinpour,et al.  Botnet detection based on common network behaviors by utilizing Artificial Immune System(AIS) , 2010, 2010 2nd International Conference on Software Technology and Engineering.

[18]  Frank Feather,et al.  Fault detection in an Ethernet network using anomaly signature matching , 1993, SIGCOMM '93.

[19]  Fabio A. González,et al.  Discriminating and visualizing anomalies using negative selection and self-organizing maps , 2005, GECCO '05.

[20]  Wan Tang,et al.  Avidity-model based clonal selection algorithm for network intrusion detection , 2010, 2010 IEEE 18th International Workshop on Quality of Service (IWQoS).

[21]  Gregg H. Gunsch,et al.  An artificial immune system architecture for computer security applications , 2002, IEEE Trans. Evol. Comput..