An intrusion detection system based on data mining and immune principles

Author

Zhao, Jun-zhong ; Huang, Hou-Kuan

Author_Institution

Sch. of Comput. & Inf. Technol., Northern Jiaotong Univ., Beijing, China

Volume

1

fYear

2002

fDate

2002

Firstpage

524

Abstract

In this paper, a framework of an immune-based intrusion detection system (IDS) is presented. Here data mining techniques are used to discover frequently occurring patterns, which are equivalent to self proteins in the immune system. During the tolerance process known as negative selection, a set of valid detectors that does not match any self protein mined previously is generated in the space of nonself based on a distance metric. These negative detectors are distributed into the network system to perform anomaly detection independently and concurrently. Our experiment confirms a low false positive rate and a high detection rate.

Keywords

data mining; safety systems; security of data; anomaly detection; computer security; data mining techniques; distance metric; frequently occurring patterns; high detection rate; immune-based intrusion detection system; low false positive rate; negative selection; nonself space; self proteins; tolerance process; valid detectors; Artificial immune systems; Computer networks; Computer security; Data mining; Data security; Detectors; IP networks; Immune system; Intrusion detection; Proteins;

fLanguage

English

Publisher

ieee

Conference_Titel

Machine Learning and Cybernetics, 2002. Proceedings. 2002 International Conference on

Print_ISBN

0-7803-7508-4

Type

conf

DOI

10.1109/ICMLC.2002.1176811

Filename

1176811