IEEE Transactions on Software Engineering - Special issue on computer security and privacy
Computer viruses: theory and experiments
Computers and Security
State Transition Analysis: A Rule-Based Intrusion Detection Approach
IEEE Transactions on Software Engineering
Communications of the ACM
Soft Computing and Fuzzy Logic
IEEE Software
Case-Based Reasoning for Intrusion Detection
ACSAC '96 Proceedings of the 12th Annual Computer Security Applications Conference
Intrusion Detection Applying Machine Learning to Solaris Audit Data
ACSAC '98 Proceedings of the 14th Annual Computer Security Applications Conference
Building Diverse Computer Systems
HOTOS '97 Proceedings of the 6th Workshop on Hot Topics in Operating Systems (HotOS-VI)
Self-Nonself Discrimination in a Computer
SP '94 Proceedings of the 1994 IEEE Symposium on Security and Privacy
An Intrusion Detection Architecture for Ad Hoc Network Based on Artificial Immune System
PDCAT '06 Proceedings of the Seventh International Conference on Parallel and Distributed Computing, Applications and Technologies
| Hi-index | 0.00 |
With the massive connectivity provided by modern computer networks, more and more systems are subject to attack by intruders. The creativity of attackers, the complexities of host computers, along with the increasing prevalence of distributed systems and insecure networks such as the Internet have contributed to the difficulty in effectively identifying and counteracting security breaches. As such, while it is critical to have the mechanisms that are capable of preventing security violations, complete prevention of security breaches does not appear to be practical. Intrusion detection can be regarded as an alternative, or as a compromise to this situation. Several techniques for detecting intrusions are already well developed. But given their shortcomings, other approaches are being proposed and studied by many researchers. This paper discusses the shortcomings of some of the more traditional approaches used in intrusion detection systems. It argues that some of the techniques that are based on the traditional views of computer security are not likely to fully succeed. An alternative view that may provide better security systems is based on adopting the design principles from the natural immune systems, which in essence solve similar types of problems in living organisms. Furthermore, in any of these methodologies, the need for exploiting the tolerance for imprecision and uncertainty to achieve robustness and low solution costs is evident. This work reports on the study of the implications and advantages of using artificial immunology concepts for handling intrusion detection through approximate reasoning and approximate matching.