BASIS: A Biological Approach to System Information Security
Advanced information security systems (ISS) play an ever-increasing role in information assurance in global computer networks. The dependability of an ISS is achieved through an enormous amount of data processing, which adversely affects overall network performance. Modern ISS architecture is viewed as a multi-agent system comprising a number of semi-autonomous software agents designated to prevent particular kinds of threats and suppress specific types of attacks without burdening the network. The high efficiency of such a system is achieved by establishing the principles of successful individual and cooperative operation of particular agents. Such principles, developed over the course of evolution, are known to be implemented in biological immune systems. The aim of this paper is to explore the basic principles that govern an immune system and the potential implementation of these principles in a multi-agent ISS of a heterogeneous computer network.
Keywords: Information Security; Intrusion Detection; Virus Infected Cell; Artificial Immune System; Foreign Agent