A Biologically Motivated Computational Architecture Inspired in the Human Immunological System to Quantify Abnormal Behaviors to Detect Presence of Intruders

  • Omar U. Flórez-Choque
  • Ernesto Cuadros-Vargas
Conference paper
Part of the IFIP International Federation for Information Processing book series (IFIPAICT, volume 216)


In this article is presented a detection model of intruders by using an architecture based in agents that imitates the principal aspects of the Immunological System, such as detection and elimination of antigens in the human body. This model is based on the hypothesis of an intruder which is a strange element in the system, whereby can exist mechanisms able to detect their presence. We will use recognizer agents of intruders (Lymphocytes-B) for such goal and macrophage agents (Lymphocytes-T) for alerting and reacting actions.

The core of the system is based in recognizing abnormal patterns of conduct by agents (Lymphocytes-B), which will recognize anomalies in the behavior of the user, through a catalogue of Metrics that will allow us quantify the conduct of the user according to measures of behaviors and then we will apply Statistic and Data Minig technics to classify the conducts of the user in intruder or normal behavior. Our experiments suggest that both methods are complementary for this purpose. This approach was very flexible and customized in the practice for the needs of any particular system.


False Alarm False Alarm Rate Intrusion Detection Normal User Authentication Server 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    K. Mitnick. The Art of Deception. Wiley. December, 2002.Google Scholar
  2. 2.
    A. Mauro. Adaptative Intrusion Detection System using Neural Networks. Conference of ACME! Computer Security Labs. November, 2002.Google Scholar
  3. 3.
    Y. Deswarte, L. Blain, and J. C. Fabre. Intrusion tolerance in distributed computing systems. In Proc. Symp. on Research in Security and Privacy, pp. 110–121, Oakland, CA, USA. 1991. IEEE Computer Society Press.Google Scholar
  4. 4.
    S. Burgstahler, Sheryl. Working Together: People with Disabilities and Computer. University of Washington. DO-IT. 2002.Google Scholar
  5. 5.
    R. Kohavi. A study of cross-validation and bootstrap for accuracy estimation and model selection. IJCAI. 1995.Google Scholar
  6. 6.
    T. Fawcett. ROC graphs: Notes and practical considerations for researchers. Technical report, HP Laboratories, MS 1143, 1501 Page Mill Road, Palo Alto CA 94304, USA. 2004.Google Scholar
  7. 7.
    S. Forrest, S. A. Hofmeyr. A. Somayaji, and T. A. Longstaff. A sense of self for Unix processes. In Proceedings of 1996 IEEE Symposium on Computer Security and Privacy, pp. 120–128 (1996).Google Scholar

Copyright information

© International Federation for Information Processing 2006

Authors and Affiliations

  • Omar U. Flórez-Choque
    • 1
  • Ernesto Cuadros-Vargas
    • 2
    • 3
  1. 1.Computer Science DepartmentNational University of San AgustínArequipaPerú
  2. 2.San Pablo Catholic UniversityPeru
  3. 3.Peruvian Computer SocietyPeru

Personalised recommendations