Bait a Trap: Introducing Natural Killer Cells to Artificial Immune System for Spyware Detection

  • Conference paper
Artificial Immune Systems (ICARIS 2012)

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 7597)

Abstract

Artificial Immune Systems (AIS) have achieved some success in malware detection thanks to their distributed, diverse and adaptive characteristics. However, in recent years malware has been evolving quickly in stealth and complexity. This trend poses a great challenge for AIS, especially since the emergence of spyware. To address this problem, this paper introduces natural killer cells (NKs), which can lure latent viruses into exposing themselves, to AIS. We hope their artificial counterparts can enhance the anti-latent capability of AIS through an enticement strategy and collaboration with other AIS algorithms. Preliminary results show that artificial NKs can discover tiny abnormalities caused by novel spyware and then release proper bait (called induction cytokines) to trigger the spyware’s actions, which expose it to further detection by AIS.

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Fu, J., Yang, H., Liang, Y., Tan, C. (2012). Bait a Trap: Introducing Natural Killer Cells to Artificial Immune System for Spyware Detection. In: Coello Coello, C.A., Greensmith, J., Krasnogor, N., Liò, P., Nicosia, G., Pavone, M. (eds) Artificial Immune Systems. ICARIS 2012. Lecture Notes in Computer Science, vol 7597. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-33757-4_10

  • DOI: https://doi.org/10.1007/978-3-642-33757-4_10

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-33756-7

  • Online ISBN: 978-3-642-33757-4

  • eBook Packages: Computer Science, Computer Science (R0)
