A Comparative Study of Negative Selection Based Anomaly Detection in Sequence Data

The negative selection algorithm is one of the oldest immuneinspired classification algorithms and was originally intended for anomaly detection tasks in computer security. After initial enthusiasm, performance problems with the algorithm lead many researchers to conclude that negative selection is not a competitive anomaly detection technique. However, in recent years, theoretical work has lead to substantially more efficient negative selection algorithms. Here, we report the results of the first evaluation of negative selection with r-chunk and r-contiguous detectors that employs these novel algorithms. On a collection of 14 datasets from real-world sources, we compare negative selection with r-chunk and r-contiguous detectors against techniques based on kernels, finite state automata, and n-gram frequencies, and find that negative selection performs competitively, yielding a slightly better average performance than all other techniques investigated. Because this study represents, to our knowledge, the most comprehensive one of string-based negative selection to date, the widely held view that negative selection is not a competitive anomaly detection technique may be inaccurate.