A Two-Level Autonomous Intrusion Detection Model Inspired by the Immune System

Download Full Text
Author(s):
Elnaz B. Noeparast, Reza Ravanmehr
Published Date:
January 05, 2014
Issue:
Volume 4, Issue 1
Page(s):
11 - 17
DOI:
10.7815/ijorcs.41.2014.076
Views:
4067
Downloads:
94

Keywords:
distributed systems, intrusion detection, multi-agent systems, immune system
Citation:
Elnaz B. Noeparast, Reza Ravanmehr, "A Two-Level Autonomous Intrusion Detection Model Inspired by the Immune System". International Journal of Research in Computer Science, 4 (1): pp. 11-17, January 2014. doi:10.7815/ijorcs.41.2014.076 Other Formats

Abstract

There are several methods applied to distributed system security, which have the same absolute view of the intrusion. In their view, an operation could be legitimate or intrusive, which does not have any consistency with the complicated and heterogeneous nature of distributed systems. In this paper, a two level multi-agent model is proposed whose first level determines system’s unsafe behaviors based on anomaly occurrence. Then, its second level calculates the probability of system log operations effectiveness in the case of intrusion happens. If this probability is greater than the first-level prediction, the anomaly is known as intrusion, otherwise it is supposed as an unexpected legal behavior. Therefore, the false positive error probability will decrease. Also, the proposed multi-agent system utilizes the human immune system whose autonomous agents do not need maintenance and detects intrusions without relying on any other central elements, just by using their own learning and interaction capability.

  1. U. A. Sandhu, A. Haider, S. Naseer, O. U. Ateeb, “A Survey of Intrusion Detection & Prevention Techniques”, 16th Singapore, International Conference on Information Communication and Management, 2011, pp. 66-71.
  2. M. Roesch, “Snort – Lightweight Intrusion Detection for Networks”, 13th Washington, USENIX conference on System administration, 1999, pp. 229-238.
  3. L. Panait, S. Luke, “Cooperative Multi-Agent Learning: The State of the Art”. Autonomous Agents and Multi-Agent Systems, 11 (3): pp. 387-434, November 2005. doi:10.1007/s10458-005-2631-2
  4. L. N. de Castro, F. J. Von Zuben, “Learning and Optimization using the Clonal Selection Principles”. IEEE Transactions on Evolutionary Computation, 6 (3): pp. 239-251, June 2002. doi:10.1109/TEVC.2002.1011539
  5. L. N. de Castro, F. J. Von Zuben, “aiNet: an Artificial Immune Network for Data Analysis”. In: Abbass, H.A., Sarker, R.A., Newton, C.S. (Eds.), Data Mining: A Heuristic Approach, pp. 231-259, Idea Group Publishing, USA, 2001.
  6. P. K. Harmer, P. D. Williams, G. H. Gunsch, G. B. Lamont, “A Artificial Immune System Architecture for Computer Security Applications”. IEEE Transactions on Evolutionary Computation, 6 (3): pp. 252-280, June 2002. doi:10.1109/TEVC.2002.1011540
  7. G. Funk, A. Barbour, H. Hengartner, U. Kalinke, “Mathematical Model of a Virus Neutralizing Immunglobulin Response”. Journal of theoretical biology, 195 (1): pp. 41-52, November 1998. doi:10.1006/jtbi.1998.0779
  8. S. Forrest, C. Beauchemin, “Computer Immunology”. Immunological Reviews, 216 (1): pp. 176-197, April 2007. doi:10.1111/j.1600-065X.2007.00499.x
  9. D. E. Kirschner, G. F. Webb, “A Mathematical Model of Combined Drug Therapy of HIV Infection”. Journal of Theoretical Medicine, 1 (1): pp. 25-34, 1997. doi:10.1080/10273669708833004
  10. R. J. DeBoer, P. Hogeweg, H. F. J. Dullens, “Macrophage T Lymphocyte Interactions in the Anti-Tumor Immune Response: A Mathematical Model”. Journal of Immunology, 134 (1): pp. 2748-2758, 1985.
  11. S. Bandini, “Hyper-Cellular Automata for the Simulation of Complex Biological Systems: a Model for the Immune System”. International Journal of Applied Science and Computation, 3: pp. 1, 1996.
  12. N. Fachada, “SimulIm: an Application for the Modelling and Simulation of Complex Systems, Using the Immune System as an Example”. Graduation project report, Higher Technical Institute, Technical University of Lisbon, 2005.
  13. A. Emerson, E. Rossi, “ImmunoGrid - The Virtual Human Immune System Project”. Stud Health Technol Inform,126: pp. 87-92, 2007.
  14. C. Bianca, M. Pennisi, “Immune system modelling by top-down and bottom-up approaches”. International Mathematical Forum, 7 (3): pp. 109-128, 2012.
  15. C. M. Ou, “Host-based Intrusion Detection Dystems Adapted from Agent-based Artificial Immune Systems”. Neurocomputing, 88: pp. 78-86, July 2012. doi:10.1016/j.neucom.2011.07.031
  16. R. B. Machado, A. Boukerche, J. B. M. Sobral, K. R. L. Juc´a, M. S. M. A. Notare, “A Hybrid Artificial Immune and Mobile Agent Intrusion Detection Based Model for Computer Network Operations”, 19th Colorado, International Parallel and Distributed Symposium Processing (IPDPS’05), 2005, pp. 191a. doi:10.1109/IPDPS.2005.33
  17. A. Boukerche, R. B. Machado, K. R. L. Juca´, J. B. M. Sobral, M. S. M. A. Notare, “An Agent based and Biological Inspired Real-Time Intrusion Detection and Security Model for Computer Network Operations”. Computer Communications, 30 (13): pp. 2649-2660, September 2007. doi:10.1016/j.comcom.2007.03.008
  18. A. Byrski, M. Carvalho, “Agent-Based Immunological Intrusion Detection System for Mobile Ad-Hoc Networks”, 8th Poland, International Conference on Computational, 2008, pp. 584-593. doi:10.1007/978-3-540-69389-5_66
  19. A. Herrero, E. Corchado, M. A. Pellicer, A. Abraham, “MOVIH-IDS: A Mobile-Visualization Hybrid Intrusion Detection System”. Neurocomputing, 72 (13-15): pp. 2775-2784, August 2009. doi:10.1016/j.neucom.2008.12.033
  20. K. Murphy, “Janeway's Immunobiology”. Garland Science, 2012.
  21. G. D. M. Serugendo, M. P. Gleizes, A. Karageorgos, “Self-Organization in Multi-Agent Systems”. The Knowledge Engineering Review, 20 (2): pp. 165-189, June 2005. doi:10.1017/S0269888905000494
  22. C. M. Macal, M. J. North, “Tutorial on Agent Based Modeling and Simulation PART 2: How to Model with Agents”, California, Winter Simulation Conference, 2006, pp. 73-83. doi:10.1109/WSC.2006.323040

    Sorry, there are no citation(s) for this manuscript yet.