Abstract
An negative selection algorithm is presented for intrusion detection tasks for systems with arbitrary diversity. This algorithm uses two types of agents, detectors and presenters. Presenters present information to detectors; detectors are selected to engage in a maximally frustrated dynamics when presenters present data from a reference state. We show that if presenters present information that has never been available during the selection stage, then presenters engage in a less frustrated dynamics and their abnormal presentation can be detected. The performance of our algorithm is independent of the dimension of the space, i.e., the length of information presented by presenters, and hence does not suffer from the dimensionality curse accompanying current methods.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Hervé Debar, M.D., Wespi, A.: Towards a taxonomy of intrusion-detection systems. Computational Networks (31), 805–822 (1999)
Forrest, S., Beauchemin, C.: Computer immunology. Immunological Reviews 216, 176–197 (2007)
Forrest, S., et al.: Self-Nonself Discrimination in a Computer. In: Proceedings of IEEE Computer Society Symposium on Research in Security and Privacy, pp. 202–212 (1994)
Bereta, M.Ç., Burczynski, T.: Immune K-means and negative selection algorithms for data analysis. Information Sciences 179(10), 1407–1425 (2009)
Dasgupta, D., Niño, L.F.: Immunological computation: theory and applications, vol. xviii, p. 277. CRC, Boca Raton (2009)
Greensmith, J., Aickelin, U., Tedesco, G.: Information fusion for anomaly detection with the dendritic cell algorithm. Inf. Fusion 11(1), 21–34 (2010)
Hone, A., et al.: Theoretical advances in artificial immune systems. Theoretical Computer Science 403(1), 11–32 (2008)
Kim, J., et al.: Immune system approaches to intrusion detection – a review. Natural Computing 6(4), 413–466 (2007)
Xie, Z.X., et al.: A distributed agent-based approach to intrusion detection using the lightweight PCC anomaly detection classifier. In: Proceedings of IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing, vol. 1, pp. 446–453 (2006)
Wang, D.W., Xue, Y.B., Dong, Y.F.: Anomaly Detection Using Neighborhood Negative Selection. Intelligent Automation and Soft Computing 17(5), 595–605 (2011)
Yang, X., Aldrich, C., Maree, C.: Detecting change in dynamic process systems with immunocomputing. Minerals Engineering 20(2), 103–112 (2007)
Ji, Z., Dasgupta, D.: Revisiting negative selection algorithms. Evolutionary Computation 15(2), 223–251 (2007)
Stibor, T., Timmis, J.I., Eckert, C.: On the Use of Hyperspheres in Artificial Immune Systems as Antibody Recognition Regions. In: Bersini, H., Carneiro, J. (eds.) ICARIS 2006. LNCS, vol. 4163, pp. 215–228. Springer, Heidelberg (2006)
Kim, J., Bentley, P.J.: Negative Selection within an Artificial Immune for Network Intrusion Detection. In: 14th Annual Fall Symposium of the Korean Information Processing Society, Seoul, Korea (2000)
Mckeithan, T.W.: Kinetic Proofreading in T-Cell Receptor Signal-Transduction. Proceedings of the National Academy of Sciences of the United States of America 92(11), 5042–5046 (1995)
de Abreu, F.V., et al.: Cellular Frustration: A New Conceptual Framework for Understanding Cell-Mediated Immune Responses. In: Bersini, H., Carneiro, J., et al. (eds.) ICARIS 2006. LNCS, vol. 4163, pp. 37–51. Springer, Heidelberg (2006)
Lindo, A., Faria, B., de Abreu, F.: Tunable kinetic proofreading in a model with molecular frustration. Theory in Biosciences, 1–8
de Abreu, F.V., Mostardinha, P.: Maximal frustration as an immunological principle. Journal of the Royal Society Interface 6(32), 321–334 (2009)
Abbas, A.K., Lichtman, A.H.: Basic Immunology: Functions and Disorders of the Immune System. W B SAUNDERS (2010)
Janeway, C.: Immunobiology five. Garland Pub. (2001)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Mostardinha, P., Faria, B.F., Zúquete, A., Vistulo de Abreu, F. (2012). A Negative Selection Approach to Intrusion Detection. In: Coello Coello, C.A., Greensmith, J., Krasnogor, N., Liò, P., Nicosia, G., Pavone, M. (eds) Artificial Immune Systems. ICARIS 2012. Lecture Notes in Computer Science, vol 7597. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-33757-4_14
Download citation
DOI: https://doi.org/10.1007/978-3-642-33757-4_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-33756-7
Online ISBN: 978-3-642-33757-4
eBook Packages: Computer ScienceComputer Science (R0)