Investigating Novel Immune-Inspired Multi-agent Systems for Anomaly Detection

With the biological immune system applied to the field of computer security, immunological scientists have made considerable progress on anomaly detection systems. However, a number of significant hurdles still prevent these systems from solving real-world problems efficiently, such as high false positive and false negative errors. To present a more feasible anomaly detection system, we outline the use of multi-agent systems (MAS) to design an artificial immune system inspired by a novel immune theory, danger theory, together with an appropriate evaluation tool (DCs) for network packets and a suitable mechanism for communication between agents. We logically set up two kinds of immune responses to incoming intruders, on both the host layer and the network layer, in order to mitigate damage and infection. We hope that this system, based on sound immunological concepts, will eventually become more powerful as a distributed immune system.
