Abstract
The use of artificial immune systems in intrusion detection is an appealing concept for two reasons. Firstly, the human immune system provides the human body with a high level of protection from invading pathogens, in a robust, self-organised and distributed manner. Secondly, current techniques used in computer security are not able to cope with the dynamic and increasingly complex nature of computer systems and their security. It is hoped that biologically inspired approaches in this area, including the use of immune-based systems, will be able to meet this challenge. Here we collate the algorithms used, the development of the systems and the outcome of their implementation. This paper provides an introduction to and review of the key developments within this field, in addition to making suggestions for future research.
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Aickelin, U., Greensmith, J., Twycross, J. (2004). Immune System Approaches to Intrusion Detection – A Review. In: Nicosia, G., Cutello, V., Bentley, P.J., Timmis, J. (eds) Artificial Immune Systems. ICARIS 2004. Lecture Notes in Computer Science, vol 3239. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30220-9_26
DOI: https://doi.org/10.1007/978-3-540-30220-9_26
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-23097-7
Online ISBN: 978-3-540-30220-9
eBook Packages: Springer Book Archive