Skip to main content
SpringerLink
Log in

Towards an Immunity-Based Anomaly Detection System for Network Traffic

  • Conference paper
Book cover Knowledge-Based Intelligent Information and Engineering Systems (KES 2006)

Part of the book series: Lecture Notes in Computer Science ((LNAI,volume 4252))

Abstract

We have applied our previous immunity-based system to anomaly detection for network traffic, and confirmed that our system outperformed the single-profile method. For internal masquerader detection, the missed alarm rate was 11.21% with no false alarms. For worm detection, four random-scanning worms and the simulated metaserver worm were detected with no missed alarms and no false alarms, while a simulated passive worm was detected with a missed alarm rate of 80.57%.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Williamson, M.M.: Throttling viruses: Restricting propagation to defeat malicious mobile code. In: ACSAC Security Conference, pp. 61–68 (2002)

    Google Scholar 

  2. Okamoto, T.: A Worm Filter Based on the Number of Unacknowledged Requests. In: Khosla, R., Howlett, R.J., Jain, L.C. (eds.) KES 2005. LNCS (LNAI), vol. 3682, pp. 93–99. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  3. Weaver, N., Paxson, V., Staniford, S., Cunningham, R.: A taxonomy of computer worms. In: The 2003 ACM Workshop on Rapid Malcode, pp. 11–18. ACM Press, New York (2003)

    Chapter  Google Scholar 

  4. Okamoto, T., Watanabe, T., Ishida, Y.: Towards an immunity-based system for detecting masqueraders. In: Palade, V., Howlett, R.J., Jain, L. (eds.) KES 2003. LNCS, vol. 2774, pp. 488–495. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  5. Okamoto, T., Watanabe, T., Ishida, Y.: Mechanism for Generating Immunity-Based Agents that Detect Masqueraders. In: Negoita, M.G., Howlett, R.J., Jain, L.C. (eds.) KES 2004. LNCS (LNAI), vol. 3214, pp. 534–540. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  6. Okamoto, T., Watanabe, Y., Ishida, Y.: Test statistics for a masquerader detection system – a comparison between hidden markov model and other probabilistic models. Transactions of the ISCIE 16(2), 61–69 (2003)

    Google Scholar 

  7. Schonlau, M., DuMouchel, W., Ju, W., Karr, A., Theus, M., Vardi, Y.: Computer intrusion: Detecting masquerades. Statistical Science 16(1), 58–74 (2001)

    Article  MATH  MathSciNet  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Network Engineering, Kanagawa Institute of Technology, 1030, Shimo-ogino, Atsugi, Kanagawa, 243-0292, Japan

    Takeshi Okamoto

  2. Department of Knowledge-Based Information Engineering, Toyohashi University of Technology, 1-1, Tempaku, Toyohashi, Aichi, 441-8580, Japan

    Yoshiteru Ishida

Authors
  1. Takeshi Okamoto
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yoshiteru Ishida
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of Design, Engineering and Computing, Bournemouth University, UK

    Bogdan Gabrys

  2. Centre for SMART Systems, School of Environment and Technology, University of Brighton, BN2 4GJ, Brighton, UK

    Robert J. Howlett

  3. School of Electrical and Information Engineering, Knowledge Based Intelligent Engineering Systems Centre, University of South Australia, SA, 5095, Mawson Lakes, Australia

    Lakhmi C. Jain

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Okamoto, T., Ishida, Y. (2006). Towards an Immunity-Based Anomaly Detection System for Network Traffic. In: Gabrys, B., Howlett, R.J., Jain, L.C. (eds) Knowledge-Based Intelligent Information and Engineering Systems. KES 2006. Lecture Notes in Computer Science(), vol 4252. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11893004_16

Download citation

  • DOI: https://doi.org/10.1007/11893004_16

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-46537-9

  • Online ISBN: 978-3-540-46539-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation