Is negative selection appropriate for anomaly detection?
GECCO '05 Proceedings of the 7th annual conference on Genetic and evolutionary computation
Self-healing mechanisms for kernel system compromises
WOSS '04 Proceedings of the 1st ACM SIGSOFT workshop on Self-managed systems
How Do We Evaluate Artificial Immune Systems?
Evolutionary Computation
A Machine Learning Evaluation of an Artificial Immune System
Evolutionary Computation
A representational ecology for learning classifier systems
Proceedings of the 8th annual conference on Genetic and evolutionary computation
An evaluation of negative selection algorithm with constraint-based detectors
Proceedings of the 44th annual Southeast regional conference
A survey of autonomic communications
ACM Transactions on Autonomous and Adaptive Systems (TAAS)
Modeling intrusion detection system using hybrid intelligent systems
Journal of Network and Computer Applications - Special issue: Network and information security: A computational intelligence approach
Revisiting Negative Selection Algorithms
Evolutionary Computation
Application areas of AIS: The past, the present and the future
Applied Soft Computing
Rule generalisation in intrusion detection systems using SNORT
International Journal of Electronic Security and Digital Forensics
Computer defense using artificial intelligence
SpringSim '07 Proceedings of the 2007 spring simulation multiconference - Volume 3
A negative selection algorithm for classification and reduction of the noise effect
Applied Soft Computing
An Immune Multi-agent System for Network Intrusion Detection
ISICA '08 Proceedings of the 3rd International Symposium on Advances in Computation and Intelligence
V-detector: An efficient negative selection algorithm with "probably adequate" detector coverage
Information Sciences: an International Journal
ACM Computing Surveys (CSUR)
Review: The use of computational intelligence in intrusion detection systems: A review
Applied Soft Computing
P2P-AIS: a P2P artificial immune systems architecture for detecting DDoS flooding attacks
GIIS'09 Proceedings of the Second international conference on Global Information Infrastructure Symposium
Towards an immunity-based system for detecting masqueraders
International Journal of Knowledge-based and Intelligent Engineering Systems
A novel immune inspired approach to fault detection
ICARIS'07 Proceedings of the 6th international conference on Artificial immune systems
Improved identification of Hammerstein plants using new CPSO and IPSO algorithms
Expert Systems with Applications: An International Journal
A Survey of artificial immune applications
Artificial Intelligence Review
Evolving boundary detector for anomaly detection
Expert Systems with Applications: An International Journal
Run-time malware detection based on positive selection
Journal in Computer Virology
Artificial immune strategies improve the security of data storage
ICNC'05 Proceedings of the First international conference on Advances in Natural Computation - Volume Part II
On permutation masks in hamming negative selection
ICARIS'06 Proceedings of the 5th international conference on Artificial Immune Systems
Theoretical basis of novelty detection in time series using negative selection algorithms
ICARIS'06 Proceedings of the 5th international conference on Artificial Immune Systems
A novel artificial immune network model and analysis on its dynamic behavior and stabilities
ICNC'06 Proceedings of the Second international conference on Advances in Natural Computation - Volume Part II
Challenges for artificial immune systems
WIRN'05 Proceedings of the 16th Italian conference on Neural Nets
Computational intelligence for network intrusion detection: recent contributions
CIS'05 Proceedings of the 2005 international conference on Computational Intelligence and Security - Volume Part I
An immunity-based dynamic multilayer intrusion detection system
ICIC'06 Proceedings of the 2006 international conference on Computational Intelligence and Bioinformatics - Volume Part III
Signature-Based approach for intrusion detection
MLDM'05 Proceedings of the 4th international conference on Machine Learning and Data Mining in Pattern Recognition
What have gene libraries done for AIS?
ICARIS'05 Proceedings of the 4th international conference on Artificial Immune Systems
Application areas of AIS: the past, the present and the future
ICARIS'05 Proceedings of the 4th international conference on Artificial Immune Systems
Detection of suspicious behavior from a sparse set of multiagent interactions
Proceedings of the 11th International Conference on Autonomous Agents and Multiagent Systems - Volume 2
Application of the feature-detection rule to the Negative Selection Algorithm
Expert Systems with Applications: An International Journal
Review: A review of novelty detection
Signal Processing
Hi-index | 0.00 |
In anomaly detection, the normal behavior of a process is characterized by a model, and deviations from the model are called anomalies. In behavior-based approaches to anomaly detection, the model of normal behavior is constructed from an observed sample of normally occurring patterns. Models of normal behavior can represent either the set of allowed patterns (positive detection) or the set of anomalous patterns (negative detection). A formal framework is given for analyzing the tradeoffs between positive and negative detection schemes in terms of the number of detectors needed to maximize coverage. For realistically sized problems, the universe of possible patterns is too large to represent exactly (in either the positive or negative scheme). Partial matching rules generalize the set of allowable (or unallowable) patterns, and the choice of matching rule affects the tradeoff between positive and negative detection. A new match rule is introduced, called r-chunks, and the generalizations induced by different partial matching rules are characterized in terms of the crossover closure. Permutations of the representation can be used to achieve more precise discrimination between normal and anomalous patterns. Quantitative results are given for the recognition ability of contiguous-bits matching together with permutations.