An Immune Inspired Approach to Anomaly Detection

Authors

  • Jamie Twycross
  • Uwe Aickelin
Abstract

The immune system provides a rich metaphor for computer security: anomaly detection that works in nature should work for machines. However, early artificial immune system approaches for computer security had only limited success. Arguably, this was due to these artificial systems being based on too simplistic a view of the immune system. We present here a second generation artificial immune system for process anomaly detection. It improves on earlier systems by having different artificial cell types that process information. Following detailed information about how to build such second generation systems, we find that communication between cell types is key to performance. Through realistic testing and validation we show that second generation artificial immune systems are capable of anomaly detection beyond generic system policies. The paper concludes with a discussion and outline of the next steps in this exciting area of computer security.


Similar resources

STLR: a novel danger theory based structural TLR algorithm

Artificial Immune Systems (AIS) have long been used in the field of computer security and especially in Intrusion Detection systems. Intrusion detection based on AISs falls into two main categories. The first generation of AIS is inspired by adaptive immune reactions, but the second one, which is called danger theory, focuses on both adaptive and innate reactions to build a more biologically-re...


A Novel Immune Inspired Approach to Fault Detection

This paper presents a novel immune inspired algorithm, named DERA (Dynamic Effector Regulatory Algorithm), aimed at fault detection and other anomaly detection problems. It integrates immunological research results, pointing out the importance of a special breed of cells (regulatory T cells) in the control of various aspects of the immune system, and includes a mechanism for signalling between ...


Host-based Web Anomaly Intrusion Detection System, an Artificial Immune System Approach

Recently, the shortcomings of current security solutions in protecting web servers and web applications against web-based attacks have encouraged many researchers to work on web intrusion detection systems (WIDSs). In this paper, a host-based web anomaly detection system is presented which analyzes the POST and GET requests processed and logged in web servers’ access log files. A special kind o...


Towards a Novel Immune Inspired Approach to Temporal Anomaly Detection

In this conceptual paper, we report on studies and initial definitions of an immune-inspired approach to temporal anomaly detection problems, where there is a strict temporal ordering on the data, such as intrusion detection and fault detection. The inspiration for the development of this approach comes from the sophisticated mechanisms involved in T-cell based recognition, such as tuning of ac...


An Agent Based Classification Model

The major function of this model is to access the UCI Wisconsin Breast Cancer data-set[1] and classify the data items into two categories, which are normal and anomalous. This kind of classification can be referred to as anomaly detection, which discriminates anomalous behaviour from normal behaviour in computer systems. One popular solution for anomaly detection is Artificial Immune Systems (AIS)...



Journal title:
  • CoRR

Volume abs/0910.3117  Issue 

Pages  -

Publication date 2007