A Novel Approach for Intrusion Detection System Using Artificial Immune System

  • Akanksha Parashar
  • Praneet Saurabh
  • Bhupendra Verma
Conference paper
Part of the Lecture Notes in Bioengineering book series (LNBE)


Intrusion detection, a field that has evolved rapidly with rising concern for information technology security, has been through numerous architectural abstractions. Each of these abstractions has strengths and weaknesses with regard to factors such as efficiency, security, integrity, durability, and cost-effectiveness, to name a few. In this chapter, we explore the appropriateness of artificial immune system negative selection for intrusion detection and anomaly detection problems. Negative selection is appropriate for anomaly detection problems, especially when compared to statistical K-means clustering methods, and can detect unseen or unknown attacks.


Keywords: Intrusion detection system, Artificial immune system, Clustering



Copyright information

© Springer India 2013

Authors and Affiliations

  • Akanksha Parashar (1)
  • Praneet Saurabh (1)
  • Bhupendra Verma (1)
  1. Dept of CSE, TIT Bhopal, Bhopal, India
