Applications of artificial immune systems to computer security: A survey

For the last two decades, artificial immune systems have been studied in various fields of knowledge. They were shown to be particularly effective tools at detecting anomalous behavior in the security domain of computer systems. This article introduces the principles of artificial immune systems and surveys several works applying such systems to computer security problems. The works herein discussed are summarized and open issues are pointed out afterwards, elaborating on a novel applicability of these systems to cloud computing environments.

[1]  Jonathan Timmis,et al.  Artificial immune systems - a new computational intelligence paradigm , 2002 .

[2]  Justin Zhijun Zhan,et al.  An artificial immune system for phishing detection , 2012, 2012 IEEE Congress on Evolutionary Computation.

[3]  Stephanie Forrest,et al.  Architecture for an Artificial Immune System , 2000, Evolutionary Computation.

[4]  Dipankar Dasgupta,et al.  Artificial neural networks and artificial immune systems: similarities and differences , 1997, 1997 IEEE International Conference on Systems, Man, and Cybernetics. Computational Cybernetics and Simulation.

[5]  Sanguthevar Rajasekaran,et al.  Artificial Immune Systems: Models, Applications, and challenges , 2012, SAC '12.

[6]  Fabio A. González,et al.  Anomaly Detection Using Real-Valued Negative Selection , 2003, Genetic Programming and Evolvable Machines.

[7]  Hovav Shacham,et al.  Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds , 2009, CCS.

[8]  Christian Jacob,et al.  The Swarming Body: Simulating the Decentralized Defenses of Immunity , 2006, ICARIS.

[9]  Robert L. Fanelli Further Experimentation with Hybrid Immune Inspired Network Intrusion Detection , 2010, ICARIS.

[10]  Rongfang Bie,et al.  Artificial Immune Networks: Models and Applications , 2006 .

[11]  Jonathan Timmis,et al.  Artificial Immune Systems: A New Computational Intelligence Approach , 2003 .

[12]  M. Kapsenberg Dendritic-cell control of pathogen-driven T-cell polarization , 2003, Nature Reviews Immunology.

[13]  Polly Matzinger,et al.  An Innate Sense of Danger , 2002, Annals of the New York Academy of Sciences.

[14]  Jonathan Timmis,et al.  Noname manuscript No. (will be inserted by the editor) On Artificial Immune Systems and Swarm Intelligence , 2022 .

[15]  Leandro Nunes de Castro,et al.  aiNet: An Artificial Immune Network for Data Analysis , 2002 .

[16]  Ying Tan,et al.  Concentration based feature construction approach for spam detection , 2009, 2009 International Joint Conference on Neural Networks.

[17]  Peter J. Bentley,et al.  Immune Memory in the Dynamic Clonal Selection Algorithm , 2002 .

[18]  Fernando Niño,et al.  A Framework for Evolving Multi-Shaped Detectors in Negative Selection , 2007, 2007 IEEE Symposium on Foundations of Computational Intelligence.

[19]  Stephanie Forrest,et al.  A sense of self for Unix processes , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[20]  John E. Hunt,et al.  Learning using an artificial immune system , 1996 .

[21]  Uwe Aickelin,et al.  Danger Theory: The Link between AIS and IDS? , 2003, ICARIS.

[22]  Tanja Zseby,et al.  Network Immunity: What can we learn from nature for network protection? , 2007, 2007 2nd Bio-Inspired Models of Network, Information and Computing Systems.

[23]  Peter J. Bentley,et al.  An evaluation of negative selection in an artificial immune system for network intrusion detection , 2001 .

[24]  Xiang Zhang,et al.  Vector computer 757 , 1986, Journal of Computer Science and Technology.

[25]  Alexander O. Tarakanov,et al.  Information Security with Formal Immune Networks , 2001, MMM-ACNS.

[26]  Zhou Ji,et al.  Revisiting Negative Selection Algorithms , 2007, Evolutionary Computation.

[27]  Emma Hart,et al.  Evaluation and Extension of the AISEC Email Classification System , 2008, ICARIS.

[28]  Atulya K. Nagar,et al.  Towards an Artificial Immune System for Online Fraud Detection , 2011, ICARIS.

[29]  Vladimir I. Vasilyev,et al.  Immune model based approach for network intrusion detection , 2010, SIN.

[30]  Ying Tan,et al.  Extracting discriminative information from e-mail for spam detection inspired by Immune System , 2010, IEEE Congress on Evolutionary Computation.

[31]  Stephanie Forrest,et al.  A Machine Learning Evaluation of an Artificial Immune System , 2005, Evolutionary Computation.

[32]  Jeffrey O. Kephart,et al.  A biologically inspired immune system for computers , 1994 .

[33]  Stephanie Forrest,et al.  Automated response using system-call delays , 2000 .

[34]  Zhiguo Zhao,et al.  An artificial immunity-based proactive defense system , 2007, 2007 IEEE International Conference on Robotics and Biomimetics (ROBIO).

[35]  Li Gui-Feng,et al.  Design of an Immune-inspired Danger Theory Model Based on Fuzzy Set , 2008, 2008 International Symposium on Computational Intelligence and Design.

[36]  Slawomir T. Wierzchon,et al.  Discriminative power of the receptors activated by k-contiguous bits rule , 2000 .

[37]  Jean-Gabriel Ganascia,et al.  The Artificial Immune Systems Domain: Identifying Progress and Main Contributors Using Publication and Co-Authorship Analyses , 2013, ECAL.

[38]  Vasilios A. Siris,et al.  Application of anomaly detection algorithms for detecting SYN flooding attacks , 2004, GLOBECOM.

[39]  Dario Floreano,et al.  Bio-Inspired Artificial Intelligence: Theories, Methods, and Technologies , 2008 .

[40]  Dipankar Dasgupta,et al.  Immunological Computation: Theory and Applications , 2008 .

[41]  Z. Grossman,et al.  Tuning of activation thresholds explains flexibility in the selection and development of T cells in the thymus. , 1996, Proceedings of the National Academy of Sciences of the United States of America.

[42]  Tansu Alpcan,et al.  A Cooperative AIS Framework for Intrusion Detection , 2007, 2007 IEEE International Conference on Communications.

[43]  Simon M. Garrett,et al.  How Do We Evaluate Artificial Immune Systems? , 2005, Evolutionary Computation.

[44]  Uwe Aickelin,et al.  libtissue - implementing innate immunity , 2006, 2006 IEEE International Conference on Evolutionary Computation.

[45]  A. Perelson,et al.  Predicting the size of the T-cell receptor and antibody combining region from consideration of efficient self-nonself discrimination. , 1993, Proceedings of the National Academy of Sciences of the United States of America.

[46]  Raed Abu Zitar,et al.  Genetic optimized artificial immune system in spam detection: a review and a model , 2011, Artificial Intelligence Review.

[47]  Fernando José Von Zuben,et al.  Learning and optimization using the clonal selection principle , 2002, IEEE Trans. Evol. Comput..

[48]  Paul Helman,et al.  An immunological approach to change detection: algorithms, analysis and implications , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[49]  Ying Gao,et al.  Dynamically Real-time Anomaly Detection Algorithm with Immune Negative Selection , 2013 .

[50]  Michael K. Reiter,et al.  Cross-VM side channels and their use to extract private keys , 2012, CCS.

[51]  Claudia Eckert,et al.  On the appropriateness of negative selection defined over Hamming shape-space as a network intrusion detection system , 2005, 2005 IEEE Congress on Evolutionary Computation.

[52]  Stephanie Forrest,et al.  Intrusion Detection Using Sequences of System Calls , 1998, J. Comput. Secur..

[53]  Chung-Ming Ou,et al.  Immunity-Inspired Host-Based Intrusion Detection Systems , 2011, 2011 Fifth International Conference on Genetic and Evolutionary Computing.

[54]  Vincenzo Cutello,et al.  Clonal Selection Algorithms: A Comparative Case Study Using Effective Mutation Potentials , 2005, ICARIS.

[55]  Mohamed M. K. Elhaj,et al.  A multi-layer network defense system using artificial immune system , 2013, 2013 INTERNATIONAL CONFERENCE ON COMPUTING, ELECTRICAL AND ELECTRONIC ENGINEERING (ICCEEE).

[56]  Z. Grossman,et al.  Adaptive cellular interactions in the immune system: the tunable activation threshold and the significance of subthreshold responses. , 1992, Proceedings of the National Academy of Sciences of the United States of America.

[57]  Rogério de Lemos,et al.  Negative Selection: How to Generate Detectors , 2002 .

[58]  F. Burnet The clonal selection theory of acquired immunity , 1959 .

[59]  Fabio A. González,et al.  A comparative analysis of artificial immune network models , 2005, GECCO '05.

[60]  Stephanie Forrest,et al.  Coverage and Generalization in an Artificial Immune System , 2002, GECCO.

[61]  Hong Zheng,et al.  A Novel Object Detection Approach for Satellite Imagery Based on Danger Theory , 2008, 2008 First International Conference on Intelligent Networks and Intelligent Systems.

[62]  Ying Tan,et al.  Artificial immune system based methods for spam filtering , 2013, 2013 IEEE International Symposium on Circuits and Systems (ISCAS2013).

[63]  Jun Fu,et al.  Bait a Trap: Introducing Natural Killer Cells to Artificial Immune System for Spyware Detection , 2012, ICARIS.

[64]  Jean-Yves Le Boudec,et al.  An artificial immune system approach with secondary response for misbehavior detection in mobile ad hoc networks , 2005, IEEE Transactions on Neural Networks.

[65]  Ajith Abraham,et al.  Artificial immune system inspired behavior-based anti-spam filter , 2007, Soft Comput..

[66]  Xiaofei Wang,et al.  Unified Artificial Immune System , 2013, 2013 5th International Conference on Computational Intelligence and Communication Networks.

[67]  Zhenyu Zhou,et al.  A Danger Theory Inspired Multi-agent Fusion Model for Network Security Assessment , 2007, Third International Conference on Natural Computation (ICNC 2007).

[68]  Manuel Eduardo Correia,et al.  Towards an Immune-inspired Temporal Anomaly Detection Algorithm based on Tunable Activation Thresholds , 2009, BIOSIGNALS.

[69]  André Zúquete,et al.  A Negative Selection Approach to Intrusion Detection , 2012, ICARIS.

[70]  Peter J. Bentley,et al.  Towards an artificial immune system for network intrusion detection: an investigation of clonal selection with a negative selection operator , 2001, Proceedings of the 2001 Congress on Evolutionary Computation (IEEE Cat. No.01TH8546).

[71]  Guangchen Ruan,et al.  Uninterrupted Approaches for Spam Detection Based on SVM and AIS , 2014 .

[72]  D. Wong,et al.  Negative Selection Algorithm for Aircraft Fault Detection , 2004, ICARIS.

[73]  D. Dasgupta,et al.  Advances in artificial immune systems , 2006, IEEE Computational Intelligence Magazine.

[74]  Julie Greensmith,et al.  Introducing Dendritic Cells as a Novel Immune-Inspired Algorithm for Anomoly Detection , 2005, ICARIS.

[75]  Li Qun Huang,et al.  A Layered Multi-Agent Detection Model for Abnormal Intrusion Based on Danger Theory , 2010, 2010 International Conference on Biomedical Engineering and Computer Science.

[76]  Jinquan Zeng,et al.  A Computer Forensics Model Based On Danger Theory , 2007 .

[77]  Chao Yang,et al.  Danger Theory: A new approach in big data analysis , 2012 .

[78]  Charu C. Aggarwal,et al.  On the Surprising Behavior of Distance Metrics in High Dimensional Spaces , 2001, ICDT.

[79]  Carsten Lund,et al.  Learn more, sample less: control of volume and variance in network measurement , 2005, IEEE Transactions on Information Theory.

[80]  Tony White,et al.  Increasing the accuracy of a spam-detecting artificial immune system , 2003, The 2003 Congress on Evolutionary Computation, 2003. CEC '03..

[81]  Lu Hong,et al.  Danger theory of immune systems and intrusion detection systems , 2009, 2009 International Conference on Industrial Mechatronics and Automation.

[82]  Jean-Yves Le Boudec,et al.  An Artificial Immune System for Misbehavior Detection in Mobile Ad-Hoc Networks with Virtual Thymus, Clustering, Danger Signal and Memory Detectors , 2004, Int. J. Unconv. Comput..

[83]  Alan S. Perelson,et al.  Self-nonself discrimination in a computer , 1994, Proceedings of 1994 IEEE Computer Society Symposium on Research in Security and Privacy.

[84]  Nicolas Hohn,et al.  Inverting sampled traffic , 2003, IMC '03.

[85]  Stephanie Forrest,et al.  Revisiting LISYS: parameters and normal behavior , 2002, Proceedings of the 2002 Congress on Evolutionary Computation. CEC'02 (Cat. No.02TH8600).

[86]  Robert L. Fanelli A Hybrid Model for Immune Inspired Network Intrusion Detection , 2008, ICARIS.

[87]  Feng Wang,et al.  A Survey of Artificial Immune System Based Intrusion Detection , 2014, TheScientificWorldJournal.

[88]  Fabio A. González,et al.  An immunity-based technique to characterize intrusions in computer networks , 2002, IEEE Trans. Evol. Comput..

[89]  Ahmad Akbari,et al.  A Real Time Anomaly Detection System Based on Probabilistic Artificial Immune Based Algorithm , 2012, ICARIS.

[90]  Honghua Dai,et al.  Constructing Detectors in Schema Complementary Space for Anomaly Detection , 2004, GECCO.

[91]  Walmir M. Caminhas,et al.  Towards a Novel Immune Inspired Approach to Temporal Anomaly Detection , 2007, ICARIS.

[92]  Manuel Eduardo Correia,et al.  An Artificial Immune System for Temporal Anomaly Detection Using Cell Activation Thresholds and Clonal Size Regulation with Homeostasis , 2009, 2009 International Joint Conference on Bioinformatics, Systems Biology and Intelligent Computing.

[93]  Ying Tan,et al.  A three-layer back-propagation neural network for spam detection using artificial immune concentration , 2009, Soft Comput..

[94]  Raouf Boutaba,et al.  P2P-AIS: A P2P Artificial Immune Systems architecture for detecting DDoS flooding attacks , 2009, 2009 Global Information Infrastructure Symposium.

[95]  Sugata Sanyal,et al.  Evolution Induced Secondary Immunity: An Artificial Immune System Based Intrusion Detection System , 2008, 2008 7th Computer Information Systems and Industrial Management Applications.

[96]  Reza Azmi,et al.  Biological inspired anomaly detection based on danger theory , 2013, The 5th Conference on Information and Knowledge Technology.

[97]  Ramachandran Baskaran,et al.  Artificial immune system based mobile agent platform protection , 2013, Comput. Stand. Interfaces.

[98]  Ying Tan,et al.  Intelligent Detection Approaches for Spam , 2007, Third International Conference on Natural Computation (ICNC 2007).

[99]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[100]  G. Oster,et al.  Theoretical studies of clonal selection: minimal antibody repertoire size and reliability of self-non-self discrimination. , 1979, Journal of theoretical biology.

[101]  Mário M. Freire,et al.  A Quick Perspective on the Current State in Cybersecurity , 2014 .

[102]  Raed Abu Zitar,et al.  Virus detection using clonal selection algorithm with Genetic Algorithm (VDC algorithm) , 2013, Appl. Soft Comput..

[103]  Julie Greensmith,et al.  Dendritic Cells for Anomaly Detection , 2006, 2006 IEEE International Conference on Evolutionary Computation.

[104]  Kamalrulnizam Abu Bakar,et al.  Survey on Artificial Immune System as a Bio-inspired Technique for Anomaly Based Intrusion Detection Systems , 2010, 2010 International Conference on Intelligent Networking and Collaborative Systems.

[105]  Yoshiteru Ishida Fully distributed diagnosis by PDP learning algorithm: towards immune network PDP model , 1990, 1990 IJCNN International Joint Conference on Neural Networks.

[106]  Slawomir T. Wierzchon,et al.  Hybrid Negative Selection Approach for Anomaly Detection , 2012, CISIM.

[107]  Jonathan Timmis,et al.  A resource limited artificial immune system for data analysis , 2001, Knowl. Based Syst..

[108]  Ashutosh Saxena,et al.  Danger theory based SYN flood attack detection in autonomic network , 2009, SIN '09.

[109]  D. Dasgupta,et al.  Combining negative selection and classification techniques for anomaly detection , 2002, Proceedings of the 2002 Congress on Evolutionary Computation. CEC'02 (Cat. No.02TH8600).

[110]  Manuela Pereira,et al.  Detection and classification of peer-to-peer traffic: A survey , 2013, CSUR.

[111]  Manuel Eduardo Correia,et al.  TAT-NIDS: An Immune-Based Anomaly Detection Architecture for Network Intrusion Detection , 2008, IWPACBB.

[112]  Y. Zhu,et al.  A Local-Concentration-Based Feature Extraction Approach for Spam Filtering , 2011, IEEE Transactions on Information Forensics and Security.

[113]  Fang Wang,et al.  Enhancing the learning capacity of immunological algorithms: a comprehensive study of learning operators , 2013, ECAL.

[114]  Jennifer N. Davis,et al.  Evolutionary Algorithm for Artificial Immune System Based Failure Detector Generation and Optimization , 2009 .

[115]  Leandro Nunes de Castro,et al.  The Clonal Selection Algorithm with Engineering Applications 1 , 2000 .

[116]  Pedro Malagón,et al.  Bio-inspired enhancement of reputation systems for intelligent environments , 2013, Inf. Sci..

[117]  Bhupendra Verma,et al.  An efficient proactive artificial immune system based anomaly detection and prevention system , 2016, Expert Syst. Appl..

[118]  Jerne Nk Towards a network theory of the immune system. , 1974 .

[119]  Andrew Berns,et al.  Dissecting Self-* Properties , 2009, 2009 Third IEEE International Conference on Self-Adaptive and Self-Organizing Systems.

[120]  Tony White,et al.  Developing an Immunity to Spam , 2003, GECCO.

[121]  Yoshiki Uchikawa,et al.  A gait acquisition of a 6-legged robot using immune networks , 1994, Proceedings of IEEE/RSJ International Conference on Intelligent Robots and Systems (IROS'94).

[122]  Gregg H. Gunsch,et al.  An artificial immune system architecture for computer security applications , 2002, IEEE Trans. Evol. Comput..

[123]  Julie Greensmith,et al.  Dendritic cells for SYN scan detection , 2007, GECCO '07.

[124]  Uwe Aickelin,et al.  Detecting Anomalous Process Behaviour Using Second Generation Artificial Immune Systems , 2010, Int. J. Unconv. Comput..

[125]  Dejan Milutinovic,et al.  Immunological self-tolerance: lessons from mathematical modeling , 2005 .

[126]  Zhi-Li Zhang,et al.  Adaptive packet sampling for accurate and scalable flow measurement , 2004, IEEE Global Telecommunications Conference, 2004. GLOBECOM '04..

[127]  Julie Greensmith,et al.  Immune System Approaches to Intrusion Detection - A Review , 2004, ICARIS.

[128]  Mark Burgess,et al.  A scaled, immunological approach to anomaly countermeasures: combining pH with cfengine , 2003, IFIP/IEEE Eighth International Symposium on Integrated Network Management, 2003..

[129]  Chou-Yuan Lee,et al.  An immunity-based ant colony optimization algorithm for solving weapon-target assignment problem , 2002, Appl. Soft Comput..

[130]  A Coutinho,et al.  The self-nonself discrimination and the nature and acquisition of the antibody repertoire. , 1980, Annales d'immunologie.

[131]  Larry D. Pyeatt,et al.  An Artificial Immune System Based on Holland's Classifier as Network Intrusion Detection , 2012, 2012 11th International Conference on Machine Learning and Applications.

[132]  Stephanie Forrest,et al.  Infect Recognize Destroy , 1996 .

[133]  Jonathan Timmis,et al.  Artificial immune systems as a novel soft computing paradigm , 2003, Soft Comput..

[134]  J Timmis,et al.  An artificial immune system for data analysis. , 2000, Bio Systems.

[135]  Julie Greensmith,et al.  Articulation and Clarification of the Dendritic Cell Algorithm , 2006, ICARIS.

[136]  Mário M. Freire,et al.  Security issues in cloud environments: a survey , 2014, International Journal of Information Security.

[137]  Fernando Niño,et al.  A Novel Immune Anomaly Detection Technique Based on Negative Selection , 2003, GECCO.

[138]  Furong Liu,et al.  Survey of artificial immune system , 2006, 2006 1st International Symposium on Systems and Control in Aerospace and Astronautics.

[139]  William L. Simon,et al.  The Art of Deception: Controlling the Human Element of Security , 2001 .

[140]  P. Matzinger Tolerance, danger, and the extended family. , 1994, Annual review of immunology.

[141]  Luigi Barone,et al.  Nature-Inspired Techniques in the Context of Fraud Detection , 2012, IEEE Transactions on Systems, Man, and Cybernetics, Part C (Applications and Reviews).

[142]  Tony White,et al.  Immunity from Spam: An Analysis of an Artificial Immune System for Junk Email Detection , 2005, ICARIS.

[143]  Alex Alves Freitas,et al.  AISEC: an artificial immune system for e-mail classification , 2003, IEEE Congress on Evolutionary Computation.

[144]  Jean-Yves Le Boudec,et al.  Artificial Immune System for Collaborative Spam Filtering , 2007, NICSO.

[145]  Stephanie Forrest,et al.  Immunity by design: an artificial immune system , 1999 .