Immune System Approaches to Intrusion Detection – A Review

Conference paper, in: Artificial Immune Systems (ICARIS 2004)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 3239)

Abstract

The use of artificial immune systems in intrusion detection is an appealing concept for two reasons. Firstly, the human immune system provides the human body with a high level of protection from invading pathogens, in a robust, self-organised and distributed manner. Secondly, current techniques used in computer security are not able to cope with the dynamic and increasingly complex nature of computer systems and their security. It is hoped that biologically inspired approaches in this area, including the use of immune-based systems, will be able to meet this challenge. Here we collate the algorithms used, the development of the systems and the outcome of their implementation. This paper provides an introduction to and review of the key developments within this field, in addition to making suggestions for future research.

Copyright information

© 2004 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Aickelin, U., Greensmith, J., Twycross, J. (2004). Immune System Approaches to Intrusion Detection – A Review. In: Nicosia, G., Cutello, V., Bentley, P.J., Timmis, J. (eds) Artificial Immune Systems. ICARIS 2004. Lecture Notes in Computer Science, vol 3239. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30220-9_26

  • DOI: https://doi.org/10.1007/978-3-540-30220-9_26

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-23097-7

  • Online ISBN: 978-3-540-30220-9

  • eBook Packages: Springer Book Archive
