A Novel Multi-layered Immune Network Intrusion Detection Defense Model: MINID

Today network security has become an everyday problem with virtually all computers connected to the Internet. Intrusion detection serves the important function of identifying malicious activities and determining their nature, origin, and seriousness. Inspired by the many excellent characteristics of biological immune System (BIS), the network intrusion detection system (NIDS) which based on artificial immune system (AIS) has become one of the focus of the intelligent NIDS research and achieved many good results in the past studies. However, there are still many problems existed in traditional AIS-based NIDS, such as low detector generation efficiency, low detection true positive rate and high detection false positive rate, etc. Currently, the AIS-based NIDS mainly learn from the adaptive immune mechanism of BIS, but ignoring the rapid response and co-stimulatory mechanism of the innate immune of BIS, thus cause these problems discussed above. In this paper, we combine the innate and adaptive immune mechanisms in BIS and map them to AIS, and propose a novel multilayered immune network intrusion detection model (MINID) which based on pattern recognition receptor (PRR) theory. Theoretical analysis shows that the MINID model effectively integrates the misuse detection and anomaly detection technologies to quickly respond to known network intrusion attacks and discover unknown network intrusion attacks in network intrusion detection application.