Skip to main content

Anomaly process detection using negative selection algorithm and classification techniques


Artificial immune system is derived from the biological immune system. This system is an important method for generating detectors that include self-adaption, self- regulation and self-learning which have self/non-self-detection features. This method is used in anomaly process detection where the anomaly is non-self in the system. We present a new combining technique for anomaly process detection. This combined technique is a unification of both negative selection and classification algorithm. The main aim of the proposed techniques is to increase the accuracy in this system while decreasing its training time. In this research, CICIDS 2017 and NSL-KDD dataset with different sets of features and the same number of detectors are used. This paper presents a framework for detecting anomaly processes on a host base computer system which is established on the artificial immune system. We evaluate our technique using machine learning algorithms such as: logistic regression, random forest, decision tree and K-neighbors. Moreover, we use WEKA tool classification to perform a correlation based feature selection on the dataset.

This is a preview of subscription content, access via your institution.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6


  1. Angelov P (2014) Anomaly detection based on eccentricity analysis. In: 2014 IEEE symposium on evolving and autonomous learning systems (EALS). pp 1–8. IEEE, New York

  2. Angelov P, Sadeghi-Tehran P, Ramezani R (2011) An approach to automatic real-time novelty detection, object identification, and tracking in video streams based on recursive density estimation and evolving Takagi-Sugeno fuzzy systems. Int J Intell Syst 26(3):189–205

    Article  Google Scholar 

  3. Brandsæter A, Vanem E, Glad IK (2019) Efficient on-line anomaly detection for ship systems in operation. Expert Syst Appl 121(1):418–437

    Article  Google Scholar 

  4. Brown J, Anwar M, Dozier G (2016) Intrusion detection using a multiple-detector set artificial immune system. In: 17th international conference on information reuse and integration (IRI). pp 283–286

  5. Forrest S, Perelson AS, Allen L, Cherukuri R (1994) Self-Nonself discrimination in a computer. In: Proc. 1994 IEEE symp. on security and privacy, pp 202–212

  6. Hooks D, Yuan X, Roy K, Esterline A, Hernandez J (2018) Applying artificial immune system for intrusion detection. In: 2018 IEEE fourth international conference on big data computing service and applications (big data service), Bamberg, pp 287–292

  7. Igbe O, Darwish I, Saadawi T (2016) Distributed network intrusion detection systems: an artificial immune system approach. In: IEEE first international conference in connected health: applications, systems and engineering technologies (CHASE). pp 101–106

  8. Johny D, Haripriya P, Anju J (2017) Negative selection algorithm: a survey. Int J Sci Eng Technol Res 6

  9. Meena G, Choudhary RR (2017) A review paper on IDS classification using KDD 99 and NSL KDD dataset in WEKA. In: International conference on computer, communications and electronics (Comptelix). pp 553–558

  10. Panigrahi R, Borah S (2018) A detailed analysis of CICIDS2017 dataset for designing intrusion detection systems. Int J Eng Technol 7(3.24):479–482

    Google Scholar 

  11. Pharate A, Bhat H, Shilimkar V, Mhetre N (2015) Classification of intrusion detection system. Int J Comput Appl 118:23–26

    Google Scholar 

  12. Saurabh P, Verma B (2016) An efficient proactive artificial immune system based anomaly detection and prevention system. Expert Syst Appl 60:311–320

    Article  Google Scholar 

  13. Sharma S, Gupta RK (2017) A model for intrusion detection based on negative selection algorithm and J48 decision tree. Int J Res Appl Sci Eng Technol 5:1–7

    Google Scholar 

  14. Tabatabaefar M, Miriestahbanati M, Grégoire J-C (2017) Network intrusion detection through artificial immune system. In: 2017 annual IEEE international on systems conference (SysCon). pp. 1–6

  15. Ugochukwu CJ, Bennett E (2018) An Intrusion detection system using machine learning algorithm. Int J Comput Sci Math Theory 4:2545–5699

    Google Scholar 

  16. Wen C, Tao L (2017) Parameter analysis of negative selection algorithm. Inf Sci 420:218–234

    Article  Google Scholar 

  17. Xu K, Xia M, Mu X, Wang Y, Cao N (2019) EnsembleLens: ensemble-based visual exploration of anomaly detection algorithms with multidimensional data. IEEE Trans Visual Comput Graphics 25:109–119

    Article  Google Scholar 

  18. Yang T, Chen W, Li T (2017) A real negative selection algorithm with evolutionary preference for anomaly detection. Open Phys 15:121–134

    Article  Google Scholar 

  19. Zhang F, Ma Y (2016) Integrated Negative Selection Algorithm and Positive Selection Algorithm for malware detection. In: International conference on informatics and computing (PIC). pp 605–609

Download references

Author information



Corresponding author

Correspondence to Soodeh Hosseini.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Hosseini, S., Seilani, H. Anomaly process detection using negative selection algorithm and classification techniques. Evolving Systems 12, 769–778 (2021).

Download citation


  • Artificial immune system
  • Negative selection algorithm
  • Anomaly detection
  • Intrusion detection
  • Machine learning