skip to main content
10.1145/1276958.1276996acmconferencesArticle/Chapter ViewAbstractPublication PagesgeccoConference Proceedingsconference-collections
Article

Extended thymus action for reducing false positives in ais based network intrusion detection systems

Published: 07 July 2007 Publication History

Abstract

One of the major problems faced by anomaly based Network Intrusion Detection (NID) systems is the high number of false positives. False positives refer to the false detection of normal behavior as malicious behavior. Artificial Immune Systems (AISs) also fall under the category of anomaly based-NID systems. AIS presented in this paper is as a victim-end filter, consisting of detectors distributed on the network, which distinguishes normal traffic from malicious traffic. In this work, we focus on TCP-SYN flood based Distributed Denial of Services (DDoS) attacks. Light Weight Intrusion Detection System (LISYS) provides the basic framework for AIS based NID systems. AISs normally utilize the negative selection algorithm in thymus action to tolerize the detectors to normal traffic so they may not detect normal traffic as malicious traffic. We propose and implement `extended thymus action' model to improve this characteristic of AIS. Results verify that our model significantly reduces false positives which is a major concern in anomaly-based NID systems.

References

[1]
Steven A. Hofmeyr and S. Forrest, "Architecture for an Artificial Immune System", Evolutionary Computation Journal, pp. 443--473, 2000.
[2]
M. Zubair Shafiq, Mehrin Kiani, Bisma Hashmi, Muddassar Farooq, "Extended Thymus Action for Improving AIS based NID system", Technical Report # 2007/EME-DCE-04, National University of Sciences & Technology, Pakistan.

Cited By

View all
  • (2019)Diagnosis of Lung Cancer Using Artificial Immune System2019 Scientific Meeting on Electrical-Electronics & Biomedical Engineering and Computer Science (EBBT)10.1109/EBBT.2019.8742075(1-4)Online publication date: Apr-2019
  • (2007)Defence against 802.11 dos attacks using artificial immune systemProceedings of the 6th international conference on Artificial immune systems10.5555/1776274.1776286(95-106)Online publication date: 26-Aug-2007
  • (2007)Defence Against 802.11 DoS Attacks Using Artificial Immune SystemArtificial Immune Systems10.1007/978-3-540-73922-7_9(95-106)Online publication date: 2007

Index Terms

  1. Extended thymus action for reducing false positives in ais based network intrusion detection systems

    Recommendations

    Comments

    Information & Contributors

    Information

    Published In

    cover image ACM Conferences
    GECCO '07: Proceedings of the 9th annual conference on Genetic and evolutionary computation
    July 2007
    2313 pages
    ISBN:9781595936974
    DOI:10.1145/1276958

    Sponsors

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Publication History

    Published: 07 July 2007

    Permissions

    Request permissions for this article.

    Check for updates

    Author Tags

    1. artificial immune system
    2. network intrusion detection

    Qualifiers

    • Article

    Conference

    GECCO07
    Sponsor:

    Acceptance Rates

    GECCO '07 Paper Acceptance Rate 266 of 577 submissions, 46%;
    Overall Acceptance Rate 1,669 of 4,410 submissions, 38%

    Contributors

    Other Metrics

    Bibliometrics & Citations

    Bibliometrics

    Article Metrics

    • Downloads (Last 12 months)0
    • Downloads (Last 6 weeks)0
    Reflects downloads up to 16 Feb 2025

    Other Metrics

    Citations

    Cited By

    View all
    • (2019)Diagnosis of Lung Cancer Using Artificial Immune System2019 Scientific Meeting on Electrical-Electronics & Biomedical Engineering and Computer Science (EBBT)10.1109/EBBT.2019.8742075(1-4)Online publication date: Apr-2019
    • (2007)Defence against 802.11 dos attacks using artificial immune systemProceedings of the 6th international conference on Artificial immune systems10.5555/1776274.1776286(95-106)Online publication date: 26-Aug-2007
    • (2007)Defence Against 802.11 DoS Attacks Using Artificial Immune SystemArtificial Immune Systems10.1007/978-3-540-73922-7_9(95-106)Online publication date: 2007

    View Options

    Login options

    View options

    PDF

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader

    Figures

    Tables

    Media

    Share

    Share

    Share this Publication link

    Share on social media