Anomaly detection in TCP/IP networks using immune systems paradigm

Authors:
Franciszek Seredynski;Pascal Bouvry
Affiliations:
Polish-Japanese Institute of Information Technology, Koszykowa 86, 02-008 Warsaw, Poland and Institute of Computer Science, Polish Academy of Sciences, Ordona 21, 01-237 Warsaw, Poland;Faculty of Sciences, Technology and Communication, Luxembourg University, 6 rue Coudenhove Kalergi, L-1359 Luxembourg-Kirchberg, Luxembourg
Venue:
Computer Communications
Year:
2007

Citing 11
Cited 6

The immune system, adaptation, and machine learning

Physica D
Genetic algorithms + data structures = evolution programs (2nd, extended ed.)

Genetic algorithms + data structures = evolution programs (2nd, extended ed.)
Mining in a data-flow environment: experience in network intrusion detection

KDD '99 Proceedings of the fifth ACM SIGKDD international conference on Knowledge discovery and data mining
Artficial Immune Systems and Their Applications

Artficial Immune Systems and Their Applications
Anomaly Detection over Noisy Data using Learned Probability Distributions

ICML '00 Proceedings of the Seventeenth International Conference on Machine Learning
Snort - Lightweight Intrusion Detection for Networks

LISA '99 Proceedings of the 13th USENIX conference on System administration
Architecture for an Artificial Immune System

Evolutionary Computation
A nonself space approach to network anomaly detection

IPDPS'06 Proceedings of the 20th international conference on Parallel and distributed processing
Learning and optimization using the clonal selection principle

IEEE Transactions on Evolutionary Computation
An artificial immune system architecture for computer securityapplications

IEEE Transactions on Evolutionary Computation
An immunity-based technique to characterize intrusions in computernetworks

IEEE Transactions on Evolutionary Computation

Rule extraction from trained adaptive neural networks using artificial immune systems

Expert Systems with Applications: An International Journal
A system for detection of liver disorders based on adaptive neural networks and artificial immune system

ACS'08 Proceedings of the 8th conference on Applied computer scince
Soft Computing Techniques for Internet Backbone Traffic Anomaly Detection

EvoWorkshops '09 Proceedings of the EvoWorkshops 2009 on Applications of Evolutionary Computing: EvoCOMNET, EvoENVIRONMENT, EvoFIN, EvoGAMES, EvoHOT, EvoIASP, EvoINTERACTION, EvoMUSART, EvoNUM, EvoSTOC, EvoTRANSLOG
Extracting rules for classification problems: AIS based approach

Expert Systems with Applications: An International Journal
A cooperative immunological approach for detecting network anomaly

Applied Soft Computing
A study of nature-inspired methods for financial trend reversal detection

EvoCOMNET'10 Proceedings of the 2010 international conference on Applications of Evolutionary Computation - Volume Part II

Quantified Score

Hi-index	0.25

Visualization

Abstract

The paper presents an architecture of an anomaly detection system based on the paradigm of artificial immune systems (AISs). Incoming network traffic data are considered by the system as signatures of potential attackers by mapping them into antigens of AISs either using some parameters of network traffic or headers of selected TCP/IP protocols. A number of methods of generation of antibodies (anomaly detectors) were implemented. The way of anomaly detection depends on the method of antibodies generation. The paper presents results of an experimental study performed with use of real data and shows how the performance of the anomaly detection system depends on traffic data coding and methods of generation of detectors.