An intrusion detection system using ideas from the immune system

Author

De Paula, Fabrício Sérgio ; De Castro, Leandro Nunes ; De Geus, Paulo Lício

Author_Institution

Comput. Inst., State Univ. of Campinas, Brazil

Volume

1

fYear

2004

fDate

19-23 June 2004

Firstpage

1059

Abstract

This paper proposes an intrusion detection framework and presents a prototype for an intrusion detection system based on it. This framework takes architectural inspiration from the human immune system and brings desirable features to intrusion detection systems, such as automated intrusion recovery, attack signature extraction, and potential to improve behavior-based detection. These features are enabled through intrusion evidence detection. The prototype, called ADENOIDS, is designed to deal with application attacks, extracting signature for remote buffer overflow attacks. The framework and ADENOIDS are described and experimental results are presented.

Keywords

artificial life; authorisation; message authentication; system recovery; ADENOIDS; attack signature extraction; automated intrusion recovery; behavior-based detection; buffer overflow attacks; human immune system; intrusion detection system; intrusion evidence detection; Application software; Buffer overflow; Computer security; Computer vision; Humans; Immune system; Informatics; Internet; Intrusion detection; Prototypes;

fLanguage

English

Publisher

ieee

Conference_Titel

Evolutionary Computation, 2004. CEC2004. Congress on

Print_ISBN

0-7803-8515-2

Type

conf

DOI

10.1109/CEC.2004.1330979

Filename

1330979