Network Intrusion Detection Systems (NIDS) monitor a network with the aim of discerning malicious from benign activity on that network. While a wide range of approaches have met with varying levels of success, most IDSs rely on access to a database of known attack signatures written by security experts. To address problems with false positive alerts, correlation algorithms are now used to add structure to sequences of IDS alerts. However, such techniques are of no help in discovering novel attacks or variations of known attacks, something the human immune system (HIS) is capable of doing in its own specialised domain. This paper presents a novel immune algorithm for application to an intrusion detection problem. The goal is to discover packets containing novel variations of attacks covered by an existing signature base.