An artificial immune system-inspired multiobjective evolutionary algorithm with application to the detection of distributed computer network intrusions

  • Authors:
  • Charles R. Haag; Gary B. Lamont; Paul D. Williams; Gilbert L. Peterson

  • Affiliations:
  • Department of Electrical and Computer Engineering, Graduate School of Engineering and Management, Air Force Institute of Technology, WPAFB, Dayton, OH (all four authors)

  • Venue:
  • ICARIS'07 Proceedings of the 6th international conference on Artificial immune systems
  • Year:
  • 2007

Abstract

Contemporary signature-based intrusion detection systems are reactive in nature and are storage-limited. Their operation depends upon identifying an instance of an intrusion or virus and encoding it into a signature that is stored in its anomaly database, providing a window of vulnerability to computer systems during this time. Further, the maximum size of an Internet Protocol-based message requires a huge database in order to maintain possible signature combinations. To tighten this response cycle within storage constraints, this paper presents an innovative artificial immune system (AIS) integrated with a multiobjective evolutionary algorithm (MOEA). This new distributed intrusion detection system (IDS) design is intended to measure the vector of tradeoff solutions among detectors with regard to two independent objectives: best classification fitness and multiobjective hypervolume size. AIS antibody detectors promiscuously monitor network traffic for exact and variant abnormal system events based on only the detector's own data structure and the application domain truth set. Applied to the MIT-DARPA 1999 insider intrusion detection data set, this new software-engineered AIS-MOEA IDS, called jREMISA, correctly classifies normal and abnormal events at a relatively high statistical level, which is directly attributed to finding the proper detector affinity threshold.