Title :
An intrusion detection system using ideas from the immune system
Author :
De Paula, Fabrício Sérgio ; De Castro, Leandro Nunes ; De Geus, Paulo Lício
Author_Institution :
Comput. Inst., State Univ. of Campinas, Brazil
Abstract :
This paper proposes an intrusion detection framework and presents a prototype for an intrusion detection system based on it. This framework takes architectural inspiration from the human immune system and brings desirable features to intrusion detection systems, such as automated intrusion recovery, attack signature extraction, and potential to improve behavior-based detection. These features are enabled through intrusion evidence detection. The prototype, called ADENOIDS, is designed to deal with application attacks, extracting signature for remote buffer overflow attacks. The framework and ADENOIDS are described and experimental results are presented.
Keywords :
artificial life; authorisation; message authentication; system recovery; ADENOIDS; attack signature extraction; automated intrusion recovery; behavior-based detection; buffer overflow attacks; human immune system; intrusion detection system; intrusion evidence detection; Application software; Buffer overflow; Computer security; Computer vision; Humans; Immune system; Informatics; Internet; Intrusion detection; Prototypes;
Conference_Titel :
Evolutionary Computation, 2004. CEC2004. Congress on
Print_ISBN :
0-7803-8515-2
DOI :
10.1109/CEC.2004.1330979
