An adaptive LAN intrusion detection system based on computer immunology

Author

Zhao, Tie-Shan ; Li, Zeng-Zhi ; Wang, Ze-Min ; Lin, Xiao-Jun

Author_Institution

Xi ´´an Jiaotong Univ., Xian

fYear

2007

fDate

15-18 Dec. 2007

Firstpage

2234

Lastpage

2238

Abstract

It is very useful to design adaptive LAN intrusion detection systems to improve the security of LANs. If a network connection links to an open port of an active host, it is defined as a normal one; otherwise, it is defined as an abnormal one. Rationality of the definitions is proved. Normal connections are self-bodies. A correct and complete self-body set can be used for an antibody set. If a new network connection doesn´t match any self-body, it is abnormal. An adaptive antibody generation model is presented firstly. Based on it, an adaptive intrusion detection system is introduced. Experiments show that the system is feasible: the detection rate of intruders´ scans is 100%, of intruders´ random probes is more than 98%, and there are no false alerts.

Keywords

local area networks; security of data; LAN security; adaptive LAN intrusion detection system; adaptive antibody generation model; computer immunology; network connection links; Biological system modeling; Biology computing; Computational modeling; Computer networks; Computer security; Educational institutions; Immune system; Internet; Intrusion detection; Local area networks; Adaptive; Computer immunology; Correct and complete self-body set; Intrusion detection system;

fLanguage

English

Publisher

ieee

Conference_Titel

Robotics and Biomimetics, 2007. ROBIO 2007. IEEE International Conference on

Conference_Location

Sanya

Print_ISBN

978-1-4244-1761-2

Electronic_ISBN

978-1-4244-1758-2

Type

conf

DOI

10.1109/ROBIO.2007.4522517

Filename

4522517