Skip to main content
SpringerLink
Log in

A novel intrusion detection approach learned from the change of antibody concentration in biological immune response

  • Published:
Applied Intelligence Aims and scope Submit manuscript

Abstract

Inspired by the relationship between the antibody concentration and the intrusion network traffic pattern intensity, we present a Novel Intrusion Detection Approach learned from the change of Antibody Concentration in biological immune response (NIDAAC) to reduce false alarm rate without affecting detection rate. In NIDAAC, the concepts and formal definitions of self, nonself, antibody, antigen and detector in the intrusion detection domain are given. Then, in initial IDS, new detectors are generated from the gene library and tested by the negative selection. In every effective IDS node, according to the intrusion network traffic pattern intensity, the change of antibody number is recorded from the process of clone proliferation based on the detector evolution. Finally, building upon the above works, a probabilistic calculation model for intrusion alarm production, which is based on the correlation between the antibody concentration and the intrusion network traffic pattern intensity, is proposed. Compared with Naive Bayes (NB), Multilevel Classifier (AdaBoost) and Hidden Markov Model (HMM), the false alarm rate of NIDAAC is reduced by 8.66%, 4.93% and 6.36%, respectively. Our theoretical analysis and experimental results show that NIDAAC has a better performance than previous approaches.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Li T (2005) An introduction to computer network security. Publishing House of Electronics Industry, Beijing

    Google Scholar 

  2. Kemmerer RA, Vigna G (2005) HI-DRA: Intrusion detection for Internet security. Proc. IEEE 93(10):1848–1857

    Article  Google Scholar 

  3. Hamsici OC, Martinez AM (2008) Bayes optimality in linear discriminant analysis. IEEE Trans Pattern Anal Mach Intell 30(4):647–657

    Article  Google Scholar 

  4. Hu WM, Hu W, Maybank S (2008) Adaboost-based algorithm for network intrusion detection. IEEE Trans Syst Man Cybern Part B—Cybern 38(2):577–583

    Article  Google Scholar 

  5. Hu JK, Yu XH, Qiu D (2009) A simple and efficient hidden Markov model scheme for host-based anomaly intrusion detection. IEEE Netw 37(2):373–384

    Google Scholar 

  6. Forrest S, Hofmeyr SA (1997) Computer immunology. Commun ACM 40(10):88–96

    Article  Google Scholar 

  7. Li T (2004) Computer immunology. Publishing House of Electronics Industry, Beijing

    Google Scholar 

  8. Forrest S, Perelson AS (1994) Self-nonself discrimination in a computer. In: Proceedings of IEEE international symposium on security and privacy, Oakland, pp 202–212

  9. Kim J, Bentley P (2002) Towards an artificial immune system for network intrusion detection: an investigation of dynamic clonal selection. In: Proceedings of IEEE congress on evolutionary computation, Honolulu, pp 1015–1020

  10. Li T (2005) An immune based dynamic intrusion detection model. Chin Sci Bull 50(22):2650–2657

    MATH  Google Scholar 

  11. Mullighan CG, Philips LA, Su XP (2008) Genomic analysis of the clonal origins of relapsed acute lymphoblastic leukemia. Science 322(5906):1377–1380

    Article  Google Scholar 

  12. Burnet FM (1959) The clonal selection theory of acquired immunity. Cambridge University Press, New York

    Google Scholar 

  13. Han BR, Herrin BR, Cooper MD (2008) Antigen recognition by variable lymphocyte receptors. Science 321(5897):1834–1837

    Article  Google Scholar 

  14. Wrammert J, Smith K, Miller J (2008) Rapid cloning of high affinity human monoclonal antibodies against influenza virus. Nature 453(7195):667–672

    Article  Google Scholar 

  15. Jerne NK (1974) Towards a network theory of the immune system. Ann Immunol (Inst Pasteur) 125C:373–389

    Google Scholar 

  16. Lee KH, Holdorf AD, Dustin ML (2002) T cell receptor signaling precedes immunological synapse formation. Science 295(5559):1539–1542

    Article  Google Scholar 

  17. Kim J (2002) Integrating artificial immune algorithms for intrusion detection. Dissertation, University of London

  18. Perelson AS, Weisbuch G (1997) Immunology for physicists. Rev Mod Phys 69(4):1219–1267

    Article  Google Scholar 

  19. Li T (2008) Dynamic detection for computer virus based on immune system. Sci China Ser F 51(10):1475–1486

    Article  MathSciNet  MATH  Google Scholar 

  20. Aydin MA, Zaim AH, Ceylan KG (2009) A hybrid intrusion detection system design for computer network security. Comput Electr Eng 35(3):517–526

    Article  MATH  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, Sichuan University, Chengdu, China

    Jie Zeng, Xiaojie Liu, Tao Li, Guiyang Li & Haibo Li

  2. School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu, China

    Jinquan Zeng

Authors
  1. Jie Zeng
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Xiaojie Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Tao Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Guiyang Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Haibo Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Jinquan Zeng
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Xiaojie Liu.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Zeng, J., Liu, X., Li, T. et al. A novel intrusion detection approach learned from the change of antibody concentration in biological immune response. Appl Intell 35, 41–62 (2011). https://doi.org/10.1007/s10489-009-0202-y

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10489-009-0202-y

Search

Navigation