Network Anomaly Behavior Detection Using an Adaptive Multiplex Detector

  • Misun Kim
  • Minsoo Kim
  • JaeHyun Seo
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3982)


Due to the diversified threat elements of resources and information in computer network system, the research on a biological immune system is becoming one way for network security. Inspired by adaptive immune system principles of artificial immune system, we proposed an anomaly detection algorithm using a multiplex detector. In this algorithm, the multiplex detector is created by applying negative selection, positive selection and clonal selection to detect anomaly behaviors in network. Also the multiplex detector gives an effective method and dynamic detection. In this paper, the detectors are classified by K-detector, memory detector, B-detector, and T-detector for achieving multi level detection. We apply this algorithm in intrusion detection and, to be sure, it has a good performance.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    de Castro, L.N., Von Zuben, F.J.: Artificial Immune Systems: Part I – Basic Theory and Applications. Technical Report – RT DCA 01/99 (1999)Google Scholar
  2. 2.
    Dasgupta, D., Yu, S., Majumdar, N.: MILA – Multilevel Immune Learning Algorithm. In: Cantú-Paz, E., Foster, J.A., Deb, K., Davis, L., Roy, R., O’Reilly, U.-M., Beyer, H.-G., Kendall, G., Wilson, S.W., Harman, M., Wegener, J., Dasgupta, D., Potter, M.A., Schultz, A., Dowsland, K.A., Jonoska, N., Miller, J., Standish, R.K. (eds.) GECCO 2003. LNCS, vol. 2723, pp. 183–194. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  3. 3.
    Chowdhury, D.: Immune Network: An Example of Complex Adaptive Systems. In: Artificial Immune Systems and Their Applications, Part II, 1st edn., pp. 89–114. Springer, Heidelberg (1998)Google Scholar
  4. 4.
    Goldsby, R., Kindt, T., Osborne, B.: Kuby Immunology, 4th edn. W.H. Freeman & Company, New York (2000)Google Scholar
  5. 5.
    Forrest, S., Perelson, A., Allen, L., Cherukuri, R.: Self-Nonself Discrimination in a Computer. In: IEEE Symposium on Research in Security and Privacy, May 1994, pp. 202–212 (1994)Google Scholar
  6. 6.
    Dasgupta, D., Forrest, S.: An Anomaly Detection Algorithm Inspired by the Immune System. In: Artificial Immune Systems and Their Applications, Part III, 1st edn., pp. 262–275. Springer, Heidelberg (1998)Google Scholar
  7. 7.
    Kim, J., Bentley, P.: Evaluating Negative Selection in an Artificial Immune System for Network Intrusion Detection. In: Genetic and Evolutionary Computation Conference 2001 (GECCO 2001), San Francisco, July 2001, pp. 1330–1337 (2001)Google Scholar
  8. 8.
    Gonzalez, F., Dasgupta, D.: Anomaly detection using real-valued negative selection. In special issue of the Journal of Genetic Programming and Evolvable Machines 4(4), 383–403 (2003)CrossRefGoogle Scholar
  9. 9.
    Depren, O., Topallar, M., Anarim, E., Ciliz, M.K.: An intelligent intrusion detection system (IDS) for anomaly and misuse detection in computer networks. Expert Systems with Applications 29(4), 713–722 (2005)CrossRefGoogle Scholar
  10. 10.
    DARPA Intrusion Detection Evaluation, MIT Lincoln Laboratory,

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Misun Kim
    • 1
  • Minsoo Kim
    • 2
  • JaeHyun Seo
    • 2
  1. 1.Dept. of Computer EngineeringMokpo Nat’l Univ.MokpoKorea
  2. 2.Dept. of Information SecurityMokpo Nat’l Univ.MokpoKorea

Personalised recommendations