
Advanced Persistent Threat Detection Method Research Based on Relevant Algorithms to Artificial Immune System

  • Conference paper
Trustworthy Computing and Services (ISCTCS 2014)

Part of the book series: Communications in Computer and Information Science (CCIS, volume 520)

Abstract

In recent years, the advanced persistent threat (APT) has become a very popular high-end network attack pattern. Because of its strong concealment and latency, an APT can successfully avoid general detection, and the attacked targets have usually still not found the attack when the assault has finished. Because current techniques used in computer and network security cannot cope with the dynamic and increasingly complex nature of computer system and network security, it is hoped that biological inspiration, including the use of immune-based systems, will be able to meet this challenge. In this paper, we review the characteristics of APT and several existing algorithms of the artificial immune system (AIS), and analyze the disadvantages of these algorithms when they are applied to detecting anomalous behavior that has the characteristics of APT. We then propose an idea for an improved AIS algorithm and make some suggestions for future research work.



Acknowledgements

This work was supported by the National High Technology Research and Development Program of China (863 Program) (No. 2013AA014702), Fundamental Research Funds for the Central Universities (2014PTB-00-04, 2014ZD03-03) and China Next Generation Internet Project (CNGI Project) (CNGI-12-02-027). In addition, the authors would like to thank the students in Information Network Center of BUPT for their valuable contribution to recommendations of this paper and the implementation of relevant projects.

Corresponding author

Correspondence to Bin Jia.

Copyright information

© 2015 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Jia, B., Lin, Z., Ma, Y. (2015). Advanced Persistent Threat Detection Method Research Based on Relevant Algorithms to Artificial Immune System. In: Yueming, L., Xu, W., Xi, Z. (eds) Trustworthy Computing and Services. ISCTCS 2014. Communications in Computer and Information Science, vol 520. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-47401-3_29

  • DOI: https://doi.org/10.1007/978-3-662-47401-3_29

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-662-47400-6

  • Online ISBN: 978-3-662-47401-3

  • eBook Packages: Computer Science (R0)
