Anti-virus Security and Robustness of Heterogeneous Immune Static Network

Unknown viruses are dangerous for networks, but traditional approaches for recognizing the features of viruses are not good at detecting the unknown viruses. To overcome the bottleneck, a normal model and an immune computation model were proposed with self/non-self representation to detect recognize and eliminate worms in a heterogeneous e-learning network. Inspired from the natural immune system, the immune computation included the steps of detecting self/non-self, recognizing known non-self, learning unknown non-self and eliminating non-self. The self/non-self detection was based on querying in the self database and the self database was built on the normal model of the static network system. After the detection, the recognition of known non-self was based on querying in the non-self database and the recognition of unknown non-self was based on learning unknown non-self. The learning algorithm was designed on the neural network or the learning mechanism from examples. The last step was elimination of all the non-self and failover of the damaged Web system. The immunization of the static network system was programmed with Java to test effectiveness of the approach, after the static network system was infected by some worms. The results of the immunization simulations show that, the immune program can detect all the worms, recognize all known worms and most unknown worms, and eliminate the worms. Moreover, the damaged files of the static network system can all be repaired through the normal model and immunization. Therefore, the normal model and the immune computation model of the static network system are effective in some anti-virus applications.