A Novel Immune Anomaly Detection Technique Based on Negative Selection
In this paper, a novel general anomaly detection technique based on immunology was developed. One main advantage of the AIS is that it starts with a small number of detectors and a new set of antibodies is generated through an iterative process that improves the covering of the self space. The number of detectors generated during the training process was smaller than the size of the input data set because the learning process allows the detectors to have variable radius and it is possible to cover the self space with a small number of detectors. The post-processing of the antibodies improves the performance of the AIS. In future work, the immune technique may be applied to detect other types of intrusions in computer systems, or to solve any other anomaly detection problem.
KeywordsNegative Selection Intrusion Detection Input Pattern Anomaly Detection Detection Phase
Unable to display preview. Download preview PDF.
- 1.R. Bolaõs and C. Cadena. Intrusion detection in Linux using neural networks (in spanish). Computer Science Thesis. National University of Colombia. Bogotá, Colombia 2002.Google Scholar
- 3.D. Dasgupta and F. Nino. Comparison of Negative and Positive Selection Algorithms in Novel Pattern Detection, In the Proceedings of the IEEE International Conference on Systems, Man and Cybernetics (SMC), Nashville, 2000.Google Scholar
- 4.IBM. Denial of service attacks: Understanding network Vulnerabilities in www.ibm.com. 2002.Google Scholar