Title :
An Adaptive Intrusion Prevention System Based on Immunity
Author :
Jain, Peeyush ; Goyal, Sudhansu
Author_Institution :
Comput. Networks & Internet Eng. Div., Centre for Dev. of Adv. Comput., Mumbai, India
Abstract :
More virulent attack methodologies such as viruses, tampering of source code repositories, and automation of distributed strikes create new challenges for the untimely detection, manual recovery and prevention used today. Methods are required to automate the prevention of system compromises. Most of the existing solutions are static and do not learn from incoming data for automatic response. So there is scope for systems that work on a behavioral and knowledge model. The system or network behavior should be monitored to gather information from which the system can build its knowledge. Based on the built-up knowledge, it should be able to add signatures of abnormal actions dynamically, which will make the system self-immune against network intrusions. The latest immunological theories empower the existing IPS to become a next-generation Intrusion Prevention System (IPS). This paper proposes an Adaptive Intrusion Prevention System based on immunity that uses system call sequences for behavior profiling and anomaly detection.
Keywords :
authorisation; digital signatures; IPS; adaptive intrusion prevention system; anomaly detection; automatic response; behavior profiling; behavioral model; immunological theories; knowledge model; network intrusions; system call sequence; Adaptive systems; Telecommunication computing; Telecommunication control; Testing; Training data; Anomaly Detection; Artificial Immune System (AIS); Danger Theory; Human Immune System (HIS); Intrusion Prevention System; Neural Network
Conference_Title :
Advances in Computing, Control, & Telecommunication Technologies, 2009. ACT '09. International Conference on
Conference_Location :
Trivandrum, Kerala
Print_ISBN :
978-1-4244-5321-4
Electronic_ISBN :
978-0-7695-3915-7
DOI :
10.1109/ACT.2009.192