Further Experimentation with Hybrid Immune Inspired Network Intrusion Detection

  • Conference paper
Artificial Immune Systems (ICARIS 2010)

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 6209)

Abstract

This paper presents continued experimentation on the Network Threat Recognition with Immune Inspired Anomaly Detection, or NetTRIIAD, model. This hybrid model combines established network monitoring methods with artificial immune system methods to achieve improved performance. The paper presents experiments investigating the model’s performance in detecting novel threats and the performance contribution of the individual components.

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Fanelli, R.L. (2010). Further Experimentation with Hybrid Immune Inspired Network Intrusion Detection. In: Hart, E., McEwan, C., Timmis, J., Hone, A. (eds) Artificial Immune Systems. ICARIS 2010. Lecture Notes in Computer Science, vol 6209. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-14547-6_21

  • DOI: https://doi.org/10.1007/978-3-642-14547-6_21

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-14546-9

  • Online ISBN: 978-3-642-14547-6

  • eBook Packages: Computer Science, Computer Science (R0)
