Tunable Immune Detectors for Behaviour-Based Network Intrusion Detection

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 6825)

Abstract

Computer networks are highly dynamic environments in which the meaning of normal and anomalous behaviours can drift considerably over time. Behaviour-based Network Intrusion Detection Systems (NIDS) thus have to cope with the temporal normality drift intrinsic to computer networks by adaptively tuning their level of response, in order to distinguish harmful from harmless network traffic flows. In this paper we put forward the intrinsic ability of the Tunable Activation Threshold (TAT) theory to adaptively tolerate normal drifting network traffic flows. This is embodied in TAT-NIDS, a TAT-based Artificial Immune System (AIS) we have developed for network intrusion detection. We describe the generic AIS framework we have developed to assemble TAT-NIDS and present the results obtained thus far on processing real network traffic data sets. We also compare the performance obtained by TAT-NIDS with that of the well-known and widely deployed signature-based Snort network intrusion detection system.




Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Antunes, M., Correia, M.E. (2011). Tunable Immune Detectors for Behaviour-Based Network Intrusion Detection. In: Liò, P., Nicosia, G., Stibor, T. (eds) Artificial Immune Systems. ICARIS 2011. Lecture Notes in Computer Science, vol 6825. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22371-6_29


  • DOI: https://doi.org/10.1007/978-3-642-22371-6_29

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-22370-9

  • Online ISBN: 978-3-642-22371-6

  • eBook Packages: Computer Science, Computer Science (R0)
