Title :
An immunity-based technique to characterize intrusions in computer networks
Author :
Dasgupta, Dipankar ; González, Fabio
Author_Institution :
Comput. Sci. Div., Univ. of Memphis, TN, USA
fDate :
6/1/2002 12:00:00 AM
Abstract :
This paper presents a technique inspired by the negative selection mechanism of the immune system that can detect foreign patterns in the complement (nonself) space. In particular, the novel pattern detectors (in the complement space) are evolved using a genetic search, which could differentiate varying degrees of abnormality in network traffic. The paper demonstrates the usefulness of such a technique to detect a wide variety of intrusive activities on networked computers. We also used a positive characterization method based on a nearest-neighbor classification. Experiments are performed using intrusion detection data sets and tested for validation. Some results are reported along with analysis and concluding remarks
Keywords :
computer networks; genetic algorithms; pattern classification; telecommunication computing; telecommunication security; telecommunication traffic; biological systems modeling; complement space; computer network intrusion characterization; detector generation; foreign pattern detection; genetic algorithms; genetic search; immune system; immunity-based technique; intrusion detection data sets; intrusive activities; nearest-neighbor classification; negative selection mechanism; network traffic abnormality degrees; networked computers; nonself space; pattern detector evolution; Biology computing; Computer networks; Computer science; Computer viruses; Detectors; Immune system; Intelligent networks; Intrusion detection; Probability; Protection;
Journal_Title :
Evolutionary Computation, IEEE Transactions on
DOI :
10.1109/TEVC.2002.1011541
