Abstract
In the context of a computer system, computer security is the prevention of an illicit action against the system. For this purpose, computer security must determine the difference between normal and harmful activities. These activities can come from outside or from inside the system to be protected. In a similar manner, the role of the Human Immune System (HIS) is to detect and defend against harm. This similarity has inspired approaches in the area of computer security, including the use of immune-based approaches to build Intrusion Detection and Response Systems (IDRSs). As a concrete example, this chapter introduces a new approach for Intrusion Detection (ID) and Intrusion Response (IR) to build a completely distributed and decentralised IDRS for use in computer networks. This approach is called Intrusion Detection and Response extended with Agent Mobility, or IDReAM for short. IDReAM combines Mobile Agents (MAs) with two self-organising paradigms inspired by natural life systems. The Intrusion Detection System (IDS) is inspired by the metaphor of the immune system that protects the human body from external threats. Specialised cells of the immune system, called the T cells, travel around the body to detect possible threats by eliminating the proteins that they do not recognise as safe proteins—referred to as non-self proteins. Intrusion Detection Agents (IDAs) roam the network to detect suspicious behaviours in a manner that mimics the behaviour of T cells. The Intrusion Response System (IRS) also borrows mechanisms from the stigmergic paradigm of a colony of ants. At the time of foraging, the ants use the environment to diffuse a chemical substance called the pheromone which traces the route for the other ants from the nest to the source of food. Intrusion Response Agents (IRAs) roam the network to respond to the IDAs’ alerts, mimicking the behaviour of the ants to trace the route to the alert and give the response. 
The two natural systems exhibit a social behaviour by the organisation of their entities, T cells and ants, which is not possible without the functionality of mobility.
Natural systems as a source of inspiration for computer security.
Notes
1. Refer to Chap. 3, Self-organisation and Emergence in Natural Systems, for more detail about self-organising systems.
2. A self-catalytic reaction is catalysis in which the catalyst is one of the products of the reaction.
3. There is always a small probability that other paths are created by other ants that keep moving randomly until they find another source of food. This behaviour is crucial for the survival of the ant colony.
4. Refer to Chap. 4, Software Agents, for more detail about software agents.
5. The official site for Snort is: http://www.snort.org/.
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Foukia, N., Middlemiss, M. (2011). Security in Artificial Systems. In: Di Marzo Serugendo, G., Gleizes, MP., Karageorgos, A. (eds) Self-organising Software. Natural Computing Series. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-17348-6_16
DOI: https://doi.org/10.1007/978-3-642-17348-6_16
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-17347-9
Online ISBN: 978-3-642-17348-6
eBook Packages: Computer Science (R0)