Tunable immune detectors for behaviour-based network intrusion detection

Authors:
Mário Antunes;Manuel E. Correia
Affiliations:
School of Technology and Management, Polytechnic Institute of Leiria, Portugal and Center for Research in Advanced Computing Systems, Faculty of Science, University of Porto, Portugal;Center for Research in Advanced Computing Systems, Faculty of Science, University of Porto, Portugal
Venue:
ICARIS'11 Proceedings of the 10th international conference on Artificial immune systems
Year:
2011

Citing 10
Cited 0

The 1999 DARPA off-line intrusion detection evaluation

Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on recent advances in intrusion detection systems
Testing Intrusion detection systems: a critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by Lincoln Laboratory

ACM Transactions on Information and System Security (TISSEC)
Artificial Immune Systems: A New Computational Intelligence Paradigm

Artificial Immune Systems: A New Computational Intelligence Paradigm
Automatic Evaluation of Intrusion Detection Systems

ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
Snort Intrusion Detection and Prevention Toolkit

Snort Intrusion Detection and Prevention Toolkit
Immune system approaches to intrusion detection --- a review

Natural Computing: an international journal
Adaptable Lymphocytes for Artificial Immune Systems

ICARIS '08 Proceedings of the 7th international conference on Artificial Immune Systems
Immunological self-tolerance: Lessons from mathematical modeling

Journal of Computational and Applied Mathematics - Special issue: Mathematics applied to immunology
Review Article: Recent Advances in Artificial Immune Systems: Models and Applications

Applied Soft Computing
A hybrid AIS-SVM ensemble approach for text classification

ICANNGA'11 Proceedings of the 10th international conference on Adaptive and natural computing algorithms - Volume Part II

Quantified Score

Hi-index	0.00

Visualization

Abstract

Computer networks are highly dynamic environments in which the meaning of normal and anomalous behaviours can drift considerably throughout time. Behaviour-based Network Intrusion Detection System (NIDS) have thus to cope with the temporal normality drift intrinsic on computer networks, by tuning adaptively its level of response, in order to be able to distinguish harmful from harmless network traffic flows. In this paper we put forward the intrinsic Tunable Activation Threshold (TAT) theory ability to adaptively tolerate normal drifting network traffic flows. This is embodied on the TAT-NIDS, a TAT-based Artificial Immune System (AIS) we have developed for network intrusion detection. We describe the generic AIS framework we have developed to assemble TAT-NIDS and present the results obtained thus far on processing real network traffic data sets. We also compare the performance obtained by TAT-NIDS with the well known and widely deployed signature-based snort network intrusion detection system.