Advertisement

Online Negative Databases

  • Fernando Esponda
  • Elena S. Ackley
  • Stephanie Forrest
  • Paul Helman
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3239)

Abstract

The benefits of negative detection for obscuring information are explored in the context of Artificial Immune Systems (AIS). AIS based on string matching have the potential for an extra security feature in which the “normal” profile of a system is hidden from its possible hijackers. Even if the model of normal behavior falls into the wrong hands, reconstructing the set of valid or “normal” strings is an \(\mathcal{NP}\)-hard problem. The data-hiding aspects of negative detection are explored in the context of an application to negative databases. Previous work is reviewed describing possible representations and reversibility properties for privacy-enhancing negative databases. New algorithms are described, which allow on-line creation and updates of negative databases, and future challenges are discussed.

Keywords

Intrusion Detection Anomaly Detection Online Algorithm Negative Information String Match 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Achlioptas, D., Gomes, C., Kautz, H., Selman, B.: Generating satisfiable problem instances. In: Proceedings of the 7th Conference on Artificial Intelligence (AAAI- 00) and of the 12th Conference on Innovative Applications of Artificial Intelligence (IAAI-00), July 30– 3, pp. 256–261. AAAI Press, Menlo Park (2000)Google Scholar
  2. 2.
    Boolean Satisfability Research Group at Princeton. zChaff (2004), http://ee.princeton.edu/chaff/zchaff.php
  3. 3.
    Ayara, M., Timmis, J., de Lemos, R., de Castro, L.N., Duncan, R.: Negative selection: How to generate detectors. In: Timmis, J., Bentley, P.J. (eds.) Proceedings of the 1st International Conference on Artificial Immune Systems (ICARIS), University of Kent at Canterbury, September 2002, pp. 89–98 (2002), University of Kent at Canterbury Printing UnitGoogle Scholar
  4. 4.
    Cohen Benaloh, J., de Mare, M.: One-way accumulators: A decentralized alternative to digital signatures. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 274–285. Springer, Heidelberg (1994)Google Scholar
  5. 5.
    Bradley, D.W., Tyrrell, A.M.: The architecture for a hardware immune system. In: Keymeulen, D., Stoica, A., Lohn, J., Zebulum, R.S. (eds.) The Third NASA/DoD Workshop on Evolvable Hardware, Long Beach, California, July 12-14, pp. 193–200. IEEE Computer Society, Los Alamitos (2001)CrossRefGoogle Scholar
  6. 6.
    Bradley, D.W., Tyrrell, A.M.: Immunotronics: Novel finite state machine architectures with built in self test using self-nonself differentiation. IEEE Transactions on Evolutionary Computation 6(3), 227–238 (2002)CrossRefGoogle Scholar
  7. 7.
    Camenisch, J., Lysyanskaya, A.: Dynamic accumulators and application to efficient revocation of anonymous credentials. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 61–76. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  8. 8.
    Chao, D.L., Forrest, S.: Generating biomorphs with an aesthetic immune system. In: Standish, R., Bedau, M.A., Abbass, H.A. (eds.) Artificial Life VIII: Proceedings of the Eighth International Conference on the Simulation and Synthesis of Living Systems, pp. 89–92. MIT Press, Cambridge (2003)Google Scholar
  9. 9.
    Cook, S.A., Mitchell, D.G.: Finding hard instances of the satisfiability problem: A survey. In: Du, Gu, Pardalos (eds.) Satisfiability Problem: Theory and Applications. Dimacs Series in Discrete Mathematics and Theoretical Computer Science, vol. 35, pp. 1–17. American Mathematical Society, Providence (1997)Google Scholar
  10. 10.
    Crawford, J.M., Anton, L.D.: Experimental results on the crossover point in satisfiability problems. In: Fikes, R., Lehnert, W. (eds.) Proceedings of the Eleventh National Conference on Artificial Intelligence. American Association for Artificial Intelligence, pp. 21–27. AAAI Press, Menlo Park (1993)Google Scholar
  11. 11.
    Dasgupta, D., Gonzalez, F.: An immunity-based technique to characterize intrusions in computer networks. IEEE Transactions on Evolutionary Computation 6(3) (June 2002)Google Scholar
  12. 12.
    de Castro, L.N., Timmis, J.I.: Artificial Immune Systems: A New Computational Intelligence Approach. Springer, Heidelberg (2002)zbMATHGoogle Scholar
  13. 13.
    D’haeseleer, P., Forrest, S., Helman, P.: An immunological approach to change detection: algorithms, analysis and implications. In: Proceedings of the 1996 IEEE Symposium on Computer Security and Privacy, IEEE Press, Los Alamitos (1996)Google Scholar
  14. 14.
    Esponda, F., Forrest, S., Helman, P.: The crossover closure and partial match detection. In: Timmis, J., Bentley, P.J., Hart, E. (eds.) ICARIS 2003. LNCS, vol. 2787, pp. 249–260. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  15. 15.
    Esponda, F., Forrest, S., Helman, P.: Enhancing privacy through negative representations of data. Technical report, Univerity of New Mexico (2004)Google Scholar
  16. 16.
    Esponda, F., Forrest, S., Helman, P.: A formal framework for positive and negative detection schemes. IEEE Transactions on Systems, Man and Cybernetics Part B: Cybernetics 34(1), 357–373 (2004)CrossRefGoogle Scholar
  17. 17.
    Feigenbaum, J., Liberman, M.Y., Wright, R.N.: Cryptographic protection of databases and software. In: Distributed Computing and Cryptography, pp. 161–172. American Mathematical Society, Providence (1991)Google Scholar
  18. 18.
    Fiorini, C., Martinelli, E., Massacci, F.: How to fake an RSA signature by encoding modular root finding as a SAT problem. Discrete Appl. Math. 130(2), 101–127 (2003)zbMATHCrossRefMathSciNetGoogle Scholar
  19. 19.
    Forrest, S., Perelson, A.S., Allen, L., CheruKuri, R.: Self-nonself discrimination in a computer. In: Proceedings of the 1994 IEEE Symposium on Research in Security and Privacy, IEEE Computer Society Press, Los Alamitos (1994)Google Scholar
  20. 20.
    Freitas, A., Timmis, J.: Revisiting the foundations of AIS: A problem oriented perspective. In: Timmis, J., Bentley, P.J., Hart, E. (eds.) ICARIS 2003. LNCS, vol. 2787, pp. 229–241. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  21. 21.
    Garey, M.R., Johnson, D.S.: Computers and Intractability: A Guide to the Theory of NP-Completeness. W.H. Freeman & Company, San Francisco (1978)Google Scholar
  22. 22.
    Goldreich, O.: On the foundations of modern cryptography. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 46–74. Springer, Heidelberg (1997)Google Scholar
  23. 23.
    Goldwasser, S.: Multi party computations: past and present. In: Proceedings of the sixteenth annual ACM symposium on Principles of distributed computing, pp. 1–6. ACM Press, New York (1997)CrossRefGoogle Scholar
  24. 24.
    Gonzalez, F., Dasgupta, D., Nino, L.F.: A randomized real valued negative selection algorithm. In: Timmis, J., Bentley, P.J., Hart, E. (eds.) ICARIS 2003. LNCS, vol. 2787, pp. 261–272. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  25. 25.
    Greensmith, J., Cayzer, S.: An AIS approach to semantic document classification. In: Timmis, J., Bentley, P.J., Hart, E. (eds.) ICARIS 2003. LNCS, vol. 2787, pp. 136–146. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  26. 26.
    Hofmeyr, S.: An immunological model of distributed detection and its application to computer security. PhD thesis, University of New Mexico, Albuquerque, NM (1999)Google Scholar
  27. 27.
    Hofmeyr, S., Forrest, S.: Immunity by design: An artificial immune system. In: Proceedings of the Genetic and Evolutionary Computation Conference (GECCO), pp. 1289–1296. Morgan-Kaufmann, San Francisco (1999)Google Scholar
  28. 28.
    Hofmeyr, S., Forrest, S.: Architecture for an artificial immune system. Evolutionary Computation Journal 8(4), 443–473 (2000)CrossRefGoogle Scholar
  29. 29.
    Impagliazzo, R., Levin, L.A., Luby, M.: Pseudo-random generation from oneway functions. In: Proceedings of the twenty-first annual ACM symposium on Theory of computing, pp. 12–24. ACM Press, New York (1989)CrossRefGoogle Scholar
  30. 30.
    Impagliazzo, R., Naor, M.: Efficient cryptographic schemes provably as secure as subset sum. In: IEEE, editor, 30th annual Symposium on Foundations of Computer Science, Research Triangle Park, NC, 1109 Spring Street, Suite 300, Silver Spring, MD 20910, USA, October 30–November 1, pp. 236–241. IEEE Computer Society Press, Los Alamitos (1989)CrossRefGoogle Scholar
  31. 31.
    Kearns, M., Mansour, Y., Ron, D., Rubinfeld, R., Schapire, R.E., Sellie, L.: On the learnability of discrete distributions. In: Proceedings of the twenty-sixth annual ACM symposium on Theory of computing, pp. 273–282. ACM Press, New York (1994)CrossRefGoogle Scholar
  32. 32.
    Kim, J., Bentley, P.J.: An evaluation of negative selection in an artificial immune system for network intrusion detection. In: Proceedings of the Genetic and Evolutionary Computation Conference (GECCO), pp. 1330–1337. Morgan-Kauffman, San Francisco (2001)Google Scholar
  33. 33.
    May, P., Mander, K.C., Timmis, J.: Software vaccination: An AIS approach. In: Timmis, J., Bentley, P.J., Hart, E. (eds.) ICARIS 2003. LNCS, vol. 2787, pp. 81–92. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  34. 34.
    Merkle, R.C., Hellman, M.E.: Hiding information and signatures in trapdoor knapsacks. IEEE-IT IT-24, 525–530 (1978)CrossRefGoogle Scholar
  35. 35.
    Mitchell, D., Selman, B., Levesque, H.: Problem solving: Hardness and easiness - hard and easy distributions of SAT problems. In: Proceeding of the 10th National Conference on Artificial Intelligence (AAAI 1992), San Jose, California, pp. 459–465. AAAI Press, Menlo Park (1992)Google Scholar
  36. 36.
    Moskewicz, M.W., Madigan, C.F., Zhao, Y., Zhang, L., Malik, S.: Chaff: Engineering an Efficient SAT Solver. In: Proceedings of the 38th Design Automation Conference (DAC 2001) (June 2001)Google Scholar
  37. 37.
    Naor, M.: Evaluation may be easier than generation (extended abstract). In: Proceedings of the twenty-eighth annual ACM symposium on Theory of computing, pp. 74–83. ACM Press, New York (1996)CrossRefGoogle Scholar
  38. 38.
    Naor, M., Yung, M.: Universal one-way hash functions and their cryptographic applications. In: Proceedings of the Twenty First Annual ACM Symposium on Theory of Computing, Seattle, Washington, May 15–17, pp. 33–43. ACM Press, New York (1989)CrossRefGoogle Scholar
  39. 39.
    Odlyzko: The rise and fall of knapsack cryptosystems. In: PSAM: Proceedings of the 42th Symposium in Applied Mathematics, American Mathematical Society, Providence (1991)Google Scholar
  40. 40.
    Popek, G.J.: Protection structures. COMPUTER 7(6), 22–33 (1974)Google Scholar
  41. 41.
    Saltzer, J.H., Schroeder, M.D.: The protection of information in computer systems. Proceedings of the IEEE 63(9), 1278–1308 (1975)CrossRefGoogle Scholar
  42. 42.
    Sathyanath, S., Sahin, F.: Artificial immune systems approach to a real time color image classification problem. In: Proceedings of the IEEE International Conference on Systems, Man, and Cybernetics (2001)Google Scholar
  43. 43.
    Schneier, B.: Applied Cryptography: Protocols, Algorithms, and Source Code in C. John Wiley and Sons, Inc., New York (1994)Google Scholar
  44. 44.
    Silberschatz, A., Korth, H.F., Sudarshan, S.: Database System Concepts, 4th edn. McGraw Hill, New York (2002)Google Scholar
  45. 45.
    Tarakanov, A.O., Skormin, V.A., Sokolova, S.P.: Immunocomputing: Principles and Applications. Springer, Heidelberg (2003)zbMATHGoogle Scholar
  46. 46.
    Taylor, D.W., Corne, D.W.: An investigation of negative selection for fault detection in refrigeration systems. In: Timmis, J., Bentley, P.J., Hart, E. (eds.) ICARIS 2003. LNCS, vol. 2787, pp. 34–45. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  47. 47.
    Vargas, P.A., Nunes de Castro, L., Michelan, R., Von Zuben, F.J.: An immune learning classifier network for automated navigation. In: Timmis, J., Bentley, P.J., Hart, E. (eds.) ICARIS 2003. LNCS, vol. 2787, pp. 69–80. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  48. 48.
    Wayner, P.: Translucent Databases. Flyzone Press (2002)Google Scholar
  49. 49.
    Wierzchon, S.T.: Generating optimal repertoire of antibody strings in an artificial immune system. In: Klopotek, M.A., Michalewicz, M., Wierzchon, S.T. (eds.) Intelligent Information Systems, pp. 119–133. Physica-Verlag, Heidelberg (2000)Google Scholar
  50. 50.
    Wierzchon, S.T.: Deriving concise description of non-self patterns in an artificial immune system. In: Wierzchon, S.T., Jain, L.C., Kacprzyk, J. (eds.) New Learning Paradigms in Soft Computing, pp. 438–458. Physica-Verlag, Heidelberg (2001)Google Scholar
  51. 51.
    Williams, P.D., Anchor, K.P., Bebo, J.L., Gunsch, G.H., Lamont, G.D.: CDIS: Towards a computer immune system for detecting network intrusions. In: Lee, W., Me, L., Wespi, A. (eds.) Fourth International Symposium, Recent Advances in Intrusion Detection, pp. 117–133. Springer, Berlin (2001)CrossRefGoogle Scholar
  52. 52.
    Yao, A.: Protocols for secure computation. In: IEEE, editor, 23rd annual Symposium on Foundations of Computer Science, Chicago, IL, 1109 Spring Street, Suite 300, Silver Spring, MD 20910, USA, November 3–5, pp. 160–164. IEEE Computer Society Press, Los Alamitos (1982)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Fernando Esponda
    • 1
  • Elena S. Ackley
    • 1
  • Stephanie Forrest
    • 1
  • Paul Helman
    • 1
  1. 1.Department of Computer ScienceUniversity of New MexicoAlbuquerqueUSA

Personalised recommendations