Immunological Approach for Intrusion Detection

One of the central challenges in computer security is distinguishing normal behavior from potentially harmful behavior. For decades, developers have protected their systems using classical methods. However, the growth and complexity of the computer systems and networks to be protected require the development of automated and adaptive defensive tools. Promising solutions are emerging from biologically inspired computing, and in particular from the immunological approach. In this paper, we propose two artificial immune systems for intrusion detection using the KDD Cup'99 database. The first is based on the danger theory and uses the dendritic cell algorithm; the second is based on negative selection. The obtained results are promising.

KEYWORDS: Artificial immune systems, Intrusion detection, Anomaly detection, Danger theory, Dendritic cell algorithm, Negative selection algorithm.
