Abstract
The presented work proposes a new approach for anomaly detection. This approach is based on changes in a population of evolving agents under stress. If conditions are appropriate, changes in the population (modeled by the bioindicators) are representative of the alterations to the environment. This approach, based on an ecological view, improves functionally traditional approaches to the detection of anomalies. To verify this assertion, experiments based on Network Intrussion Detection Systems are presented. The results are compared with the behaviour of other bioinspired approaches and machine learning techniques.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Atreas, N., Karanikas, C., Tarakanov, A.: Signal Processing by an Immune Type Tree Transform. In: Timmis, J., Bentley, P.J., Hart, E. (eds.) ICARIS 2003. LNCS, vol. 2787, pp. 111–119. Springer, Heidelberg (2003)
Bersini, H.: Self-assertion versus self-recognition: A tribute to Francisco Varela. In: Timmis, J., Bentley, P.J. (eds.) Proceedings of the 1st International Conference on Artificial Immune Systems (ICARIS), pp. 107–112. University of Kent at Canterbury Printing Unit, University of Kent at Canterbury (2002), http://www.aber.ac.uk/icaris-2002
de Castro, L., Von Zuben, F.: ainet an artificial immune network for data analysis. In: Publishing, I.G. (ed.) Data Mining: A Heuristic Approach, pp. 231–259. Idea Group Publishing (2001)
Coutinho, A.: A walk with francisco varela from first- to second- generation networks: In search of the structure, dynamics and metadynamics of an organism-centered immune system. Biological Research 36(1), 17–26 (2003)
Cutello, V., Narzisi, G., Nicosia, G., Pavone, M.: Clonal Selection Algorithms: A Comparative Case Study Using Effective Mutation Potentials. In: Jacob, C., Pilat, M.L., Bentley, P.J., Timmis, J.I. (eds.) ICARIS 2005. LNCS, vol. 3627, pp. 13–28. Springer, Heidelberg (2005)
Dasgupta, D.: Artificial immune systems and their applications. Springer (1998)
Estevez-Tapiador, J.M., Garcia-Teodoro, P., Diaz-Verdejo, J.E.: Anomaly detection methods in wired networks: a survey and taxonomy. Computer Communications 27(16), 1569–1584 (2004)
Fawcett, T.: An introduction to ROC analysis. Pattern Recognition Letters 27(8), 861–874 (2006), rOC Analysis in Pattern Recognition
Forrest, S., Perelson, A., Allen, L., Cherukuri, R.: Self-Nonself Discrimination in a Computer. In: Proceedings of IEEE Computer Society Symposium on Research in Security and Privacy, pp. 202–212 (1994); IEEE, Comp. Soc.; IEEE, Comp. Soc., Tech. Comm. Secur. & Privacy; Int. Assoc. Cryptol. Res. (1994); 1994 IEEE-Computer-Society Symposium on Research in Security and Privacy, Oakland, CA, May 16-18 (1994)
Glickman, M., Balthrop, J., Forrest, S.: A machine learning evaluation of an artificial immune system. Evolutionary Computation 13(2), 179–212 (2005)
Greitzer, F.L., Moore, A.P., Cappelli, D.M., Andrews, D.H., Carroll, L.A., Hull, T.D.: Combating the insider cyber threat. IEEE Security & Privacy 6(1), 61–64 (2008)
Harmer, P., Williams, P., Gunsch, G., Lamont, G.: An artificial immune system architecture for computer security applications. IEEE Transactions on Evolutionary Computation 6(3), 252–280 (2002)
Horn, R., Johnson, C.: Matrix Analysis. Cambridge University Press (1986)
Humberto Maturana, F.V.: El Arbol del Conocimiento. Editorial Universitaria, Santiago (1976)
Jeffrey, D.W., Madden, B.: Bioindicators and environmental management. Academic Press, London (1991)
Kukielka, P., Kotulski, Z.: Analysis of Different Architectures of Neural Networks for Application in Intrusion Detection Systems. In: Ganzha, M., Paprzycki, M., PelechPilichowski, T. (eds.) International Multiconference on Computer Science and Information Technology (IMCSIT), Wisla, Poland, October 20-22, vol. 1 and 2, pp. 752–756. IEEE (2008)
Linda, O., Vollmer, T., Manic, M.: Neural Network Based Intrusion Detection System for Critical Infrastructures. In: IEEE International Joint Conference on Neural Networks (IJCNN), Int. Neural Network Soc., Atlanta, GA, June 14-19, vol. 1- 6, pp. 102–109 (2009)
Lippmann, R., Haines, J.W., Fried, D.J., Korba, J., Das, K.: The 1999 DARPA off-line intrusion detection evaluation. Computer Networks-the International Journal of Computer and Telecommunications Networking 34(4), 579–595 (2000)
Halley, J.M.: Ecology, evolution and 1f-noise. Trends in Ecology & Evolution 11(1), 33–37 (1996)
Nanas, N., de Roeck, A.: Autopoiesis, the immune system, and adaptive information filtering. Natural Computing 8, 387–427 (2009), doi:10.1007/s11047-008-9068-x
Olusola, A.A., Oladele, A.S., Abosede, D.O.: Analysis of KDD ‘99 Intrusion Detection Dataset for Selection of Relevance Features. In: Ao, S.I., Douglas, C., Grundfest, W.S., Burgstone, J. (eds.) World Congress on Engineering and Computer Science, Int. Assoc. Engn., San Francisco, CA, October 20-22. Lecture Notes in Engineering and Computer Science, vol. 1 and 2, pp. 162–168 (2010)
Haykin, S.O.: Neural Networks and Learning Machines, 3rd edn., new york edn. Prentice Hall (2009)
Sklar, E.: Software review: NetLogo, a multi-agent simulation environment. Artificial Life 13(3), 303–311 (2007)
Tarakanov, A.O.: Immunocomputing for intelligent intrusion detection. IEEE Computational Intelligence Magazine 3(2), 22–30 (2008)
Tavallaee, M., Bagheri, E., Lu, W., Ghorbani, A.: A detailed analysis of the KDD CUP 99 data set. In: IEEE Symposium on Computational Intelligence for Security and Defense Applications, CISDA 2009, pp. 1–6 (July 2009)
Varela, F.: El Fenómeno de la Vida, 2nd edn. OCEANO, Santiago de Chile (2000)
Wilcoxon, F.: Indicidual Comparisons by Ranking Methods. Biometrics Bulletin 1(6), 80–83 (1945)
Wu, S.X., Banzhaf, W.: The use of computational intelligence in intrusion detection systems: A review. Applied Soft Computing 10(1), 1–35 (2010)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Pinacho, P., Pau, I., Chacón, M., Sánchez, S. (2012). An Ecological Approach to Anomaly Detection: The EIA Model. In: Coello Coello, C.A., Greensmith, J., Krasnogor, N., Liò, P., Nicosia, G., Pavone, M. (eds) Artificial Immune Systems. ICARIS 2012. Lecture Notes in Computer Science, vol 7597. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-33757-4_18
Download citation
DOI: https://doi.org/10.1007/978-3-642-33757-4_18
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-33756-7
Online ISBN: 978-3-642-33757-4
eBook Packages: Computer ScienceComputer Science (R0)