18 April 2006 AINIDS: an immune-based network intrusion detection system
Abstract
Intrusion detection can be viewed as a pattern classification problem. Because intrusion detection has intrinsic characteristics such as high-dimensional feature spaces, linearity non-differentiation, and severe unevenness between normal patterns and anomaly patterns, it is very difficult to detect intrusions directly using classical pattern recognition methods. The natural immune system is a self-adaptive and self-learning classifier that accomplishes recognition and classification through learning, memory and association. First, we use a four-tuple to define the natural immune system and the intrusion detection system; then we give a mathematical formalization of the performance index of an intrusion detection system. Finally, we design and develop an immune-based network intrusion detection system, AINIDS, which includes a data collector component, a packet header parser and feature extraction component, an antibody generation and antigen detection component, a co-stimulation and report component, and a rule optimization component. The antibody generation and antigen detection component is the key module of AINIDS. In this component, passive immune antibodies and automatic immune antibodies, the latter comprising memory automatic immune antibodies and fuzzy automatic immune antibodies, are proposed by analogy with the natural immune system. The passive immune antibodies inherit available rules and can detect known intrusions rapidly. The automatic immune antibodies integrate statistical methods with a fuzzy reasoning system to improve detection performance and can discover novel attacks. AINIDS is tested with data that we collected from our LANs and with data from the 1999 DARPA intrusion detection evaluation data sets. Both experiments prove that AINIDS has a good detection rate for old and novel attacks.
© (2006) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Qiao Yan, Jianping Yu, "AINIDS: an immune-based network intrusion detection system", Proc. SPIE 6241, Data Mining, Intrusion Detection, Information Assurance, and Data Networks Security 2006, 62410U (18 April 2006); doi: 10.1117/12.664752; https://doi.org/10.1117/12.664752
PROCEEDINGS
9 PAGES

