Novel design concepts for network intrusion systems based on dendritic cells processes

M. R. Richard , Guan-zheng Tan , P. N. F. Ongalo , W. Cheruiyot

Journal of Central South University ›› 2013, Vol. 20 ›› Issue (8) : 2175 -2185.

PDF
Journal of Central South University ›› 2013, Vol. 20 ›› Issue (8) : 2175 -2185. DOI: 10.1007/s11771-013-1722-5
Article

Novel design concepts for network intrusion systems based on dendritic cells processes

Author information +
History +
PDF

Abstract

An abstraction and an investigation to the worth of dendritic cells (DCs) ability to collect, process and present antigens are presented. Computationally, this ability is shown to provide a feature reduction mechanism that could be used to reduce the complexity of a search space, a mechanism for development of highly specialized detector sets as well as a selective mechanism used in directing subsets of detectors to be activated when certain danger signals are present. It is shown that DCs, primed by different danger signals, provide a basis for different anomaly detection pathways. Different antigen-peptides are developed based on different danger signals present, and these peptides are presented to different adaptive layer detectors that correspond to the given danger signal. Experiments are then undertaken that compare current approaches, where a full antigen structure and the whole repertoire of detectors are used, with the proposed approach. Experiment results indicate that such an approach is feasible and can help reduce the complexity of the problem by significant levels. It also improves the efficiency of the system, given that only a subset of detectors are involved during the detection process. Having several different sets of detectors increases the robustness of the resulting system. Detectors developed based on peptides are also highly discriminative, which reduces the false positives rates, making the approach feasible for a real time environment.

Keywords

artificial immune systems / network intrusion detection / anomaly detection / feature reduction / negative selection algorithm / danger model

Cite this article

Download citation ▾
M. R. Richard, Guan-zheng Tan, P. N. F. Ongalo, W. Cheruiyot. Novel design concepts for network intrusion systems based on dendritic cells processes. Journal of Central South University, 2013, 20(8): 2175-2185 DOI:10.1007/s11771-013-1722-5

登录浏览全文

4963

注册一个新账户 忘记密码

References

Publishing order | Descend order by publishing year | Descend order by cited within
[1]

DasguptaD, YuS, MajumdarN. MILA-multilevel immune learning algorithm and its application to anomaly detection [J]. Journal of Soft Computing, 2005, 9(3): 172-184

[2]

ShellyW, BanzhafW. The use of computational intelligence in intrusion detection systems: A review [J]. Journal of Applied Soft Computing, 2010, 10: 1-35

[3]

ForrestS, PerelsonA S, AllenL, CherukuriR. Self-nonself discrimination in a computer [C]. Proceedings of 1994 IEEE Computer Society Symposium on Research in Security and Privacy, 1994Oakland, CA, USAIEEE Press202-212

[4]

ForrestS, HofmeyrS, SomayajiA, LongstaffT. A sense of self for Unix processes [C]. Proceedings of the 1996 IEEE Symposium on Security and Privacy, 1996Los Alamitos, CA, USAIEEE Computer Society Press120-128

[5]

ForrestS, BeaucheminC. Computer Immunology [J]. Journal of Immunological Reviews, 2007, 216(1): 176-197
[6]

ForrestS, HofmeyrS, SomayajiA. Computer immunology [J]. Communications of the ACM, 1997, 40(10): 88-96

[7]

VellaM, RoperM, TerzisS, et al. HartE, et al. . Danger theory and intrusion detection: Possibilities and limitations of the analogy [C]. International Conference on Artificial Immune Systems (ICARIS), 2010Berlin HeidelbergSpringer-Verlag276-289

[8]

de CastroL N, ZubenF J V. Learning and optimization using the clonal selection principle [J]. IEEE Transactions on Evolutionary Computation, 2002, 6(3): 239-251

[9]

de CASTRO L N. Immune, swarm, and evolutionary algorithms Part I: Basic models [C]// Proceedings of the ICONIP Conference (International Conference on Neural Information Processing). Workshop on Artificial Immune Systems. Singapore, 2002: 1464-1468.
[10]

GaleanoJ C, Veloza-suanA, GonzálezF A. A comparative analysis of artificial immune network models [C]. Proceedings of GECCO. Washington, DC, USA, 2005361-368
[11]

LanginC, RahimiS. Soft computing in intrusion detection: The state of the art [J]. Journal of Ambient Intell Human Comput, 2010, 1: 133-145

[12]

KumarG, KumarK, SachdevaM. The use of artificial intelligence based techniques for intrusion detection: A review [J]. Journal of Artif Intell Rev, 2010, 34: 369-387

[13]

KimJ W, BentleyP, AickelinU, GreensmithJ, TedescoG, TwycrossJ. Immune system approaches to intrusion detection: A review [J]. Journal of Natural Computing, 2007, 6(4): 413-466

[14]

StiborT, MohrP, TimmisJ, EckertC. Is negative selection appropriate for anomaly detection? [C]. Proceedings of the 2005 Conference on Genetic and Evolutionary Computation (GECCO), 2005Washington, DC, USAACM 320 Press321-328

[15]

AickelinU, GreensmithJ. Sensing danger: Innate immunology for intrusion detection [J]. Information Security Technical Reports, 2007, 12(4): 218-227

[16]

MatzingerP. Tolerance, danger, and the extended family [J]. Annual Review of Immunology, 1994, 12: 991-1045

[17]

AickelinU, BentleyP, CayzerS, KimJ, McleodJTimmisJ, BentleyP J, HartE. Danger theory: The link between AIS and IDS? [C]. Artificial Immune Systems, 2003Berlin HeidelbergSpringer_Verlag147-155

[18]

AickelinU, CayzerSTimmisJ, BentleyP J. The danger theory and its application to artificial immune systems [C]. Proceedings of the 1st International Conference on Artificial Immune Systems (ICARIS’02), 2002UKCanterbury, University of Kent at Canterbury Printing Unit141-148
[19]

TwycrossJIntergrated innate and adaptive artificial immune system applied to process anomaly detection [D], 2007Nottingham, UKUniversity of Nottingham
[20]

GreensmithJ, TwycrossJ, AickelinU. Dendritic cells for anomaly detection [C]. IEEE Congress on Evolutionary Computation (CEC-06). Vancouver, 2006664-671
[21]

HartE, TimmisJ. Application areas of AIS: The past, the present and the future [J]. Journal of Applied Soft Computing, 2008, 8: 191-201

[22]

TimmisJ. Artificial immune systems-Today and tomorrow [J]. Journal of Natural Computing, 2007, 6(1): 1-18

[23]

MAYER G. Microbiology and immunology [EB/OL]. [2010-01-10]. http://pathmicro.med.sc.edu/ghaffar/innate.html
[24]

JanewayC AJr.. Presidential address to the American association of immunologists: The road less traveled by the role of innate immunity in the adaptive immune response [J]. Journal of Immunology, 1998, 161: 539-544
[25]

GuermonprezP, ValladeauJ, ZitvogelL, TheryC, AmigorenaS. Antigen presentation and T cell stimulation by dendritic cells [J]. Journal of Annu Rev Immunol, 2002, 20: 621-667

[26]

RimiruR M, TanG-z, NjukiS N. Integrating innate immune concepts in the design of an artificial immune system-based network intrusion detection [J]. International Journal of Digital Content Technology and its Applications (JCDTA), 2012, 6(2): 162-171

[27]

RimiruR M, TanG-z, WilsonC. Innate-inspired automated intrusion response mechanism for a network intrusion detection system [J]. Journal of Convergence Information Technology (JCIT), 2012, 7(9): 194-201

[28]

KDD data set [EB/OL]. [2010-03-02]. http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html
[29]

StolfoS J, FanW, LeeW, ProdromidisA, ChanP K. Cost-based modeling and evaluation for data mining with application to fraud and intrusion detection: Results from the JAM project [C]. DARPA Information Survivability Conference and Exposition. South Carolina, 20001130-1169
AI Summary AI Mindmap
PDF

103

Accesses

0

Citation

Detail
Sections
Recommended

AI思维导图

/