An agent based and biological inspired real-time intrusion detection and security model for computer network operations

AN IMMUNE AGENTS SYSTEM FOR NETWORK INTRUSIONS DETECTION

With the growing development of network technology, computer networks became increasingly wide and open. This evolution gave birth to new techniques allowing accessibility of networks and information systems with an aim of facilitating the transactions. Consequently, these techniques also gave birth to new forms of threats. In this article, we present the utility to use a system of intrusion detection through a presentation of these characteristics. Using as inspiration the immune biological system, we propose a model of artificial immune system which is integrated in the behavior of distributed agents on the network in order to ensure a good detection of intrusions. We also present the internal structure of the immune agents and their capacity to distinguish between self and not self. The agents are able to achieve simultaneous treatments, are able to adapt automatically to environment evolution and also have the property of distributed coordination.

An intrusion detection system using ideas from the immune system

… . CEC2004. Congress on, 2004

This paper proposes an intrusion detection framework and presents a prototype for an intrusion detection system based on it. This framework takes architectural inspiration from the human immune system and brings desirable features to intrusion detection systems, such as automated intrusion recovery, attack signature extraction, and potential to improve behavior-based detection. These features are enabled through intrusion evidence detection. The prototype, called ADENOIDS, is designed to deal with application attacks, extracting signature for remote buffer overflow attacks. The framework and ADENOIDS are described and experimental results are presented.

Distributed Agent Based Model for Intrusion Detection System Based on Artificial Immune System

International Journal of Digital Content Technology and its Applications

With mounting global network connectivity, the issue of intrusion has achieved importance, promoting active research on efficient Intrusion Detection Systems (IDS). Artificial Immune System (AIS) is a new bio-inspired model which is applied for solving various problems in the field of information security. Because of its unique features (self-learning, self-adaptation and self-improvement), AIS has been utilized to design new anomaly-based IDS. In this paper we have introduced a new distributed, agent-based design of AIS-based IDS. In our model, detectors are distributed in each host in the network while the central engine is located in a server which manages the detectors and makes the final decision about the current intrusion based on previous experience of all of the hosts in the network. In our proposed model, detector agents in each host are actively updated and synchronized with detector agents of other hosts through our IDS's central engine.

Intrusion Detection System using Artificial Immune Systems: A Case Study

International journal of advanced research in computer science and software engineering, 2018

Networks are working at their apical efficiency and are increasing in size by every second; the emergence of various threats becomes a hindrance in the growth and privacy of the users. The network is vulnerable to security breaches due to malicious nodes. Intrusion detection systems aim at removing this vulnerability. In this paper, intrusion detection mechanisms for large-scale dynamic networks are investigated. Artificial immune system is a concept that works to protect a network the way immune systems of vertebrates work in nature. This paper also illustrates this artificial immune system, the integration of bio-inspired algorithms, and its functionality with the computer networks.

An artificial immune based intrusion detection model for computer and telecommunication systems

Parallel Computing 30 (2004) 629-646

Recent years have seen a growing interest in computational methods based upon natural phenomena with biologically inspired techniques, such as cellular automata, immune human systems, neural networks, DNA and molecular computing. Some of these techniques are classified under the realm of a general paradigm, called bio-computing. In this paper, we propose a security system for fraud detection of intruders and improper use of both computer system and mobile telecommunication operations. Our technique is based upon data analysis inspired by the natural immune human system. We show how immune metaphors can be used efficiently to tackle this challenging problem. We also describe how our scheme extracts salient features of the immune human system and maps them within a software package designed to identify security violations of a computer system and unusual activities according to the usage log files. Our results indicate that our system shows a significant size reduction of the log file (i.e., registration of each log activity), and thereby the size of the report maintained by the computer system manager. This might help the system manager to monitor and observe unusual activities on the machine hosts more efficiently, as they happen, and can...

Intrusion Prevention System Inspired Immune Systems

Indonesian Journal of Electrical Engineering and Computer Science, 2016

In view of new communication and information technologies that appeared with the emergence of networks and Internet, computer security became a major challenge, and works in this research axis are increasingly numerous. Various tools and mechanisms are developed in order to guarantee a safety level up to the requirements of modern life. Among them, intrusion detection and prevention systems (IDPS) are intended to locate activities or abnormal behaviors suspected to be detrimental to the correct operation of the system. The purpose of this work is the design and the realization of an IDPS inspired from natural immune systems. The study of biological systems to get inspired from them for the resolution of computer science problems is an axis of the artificial intelligence field which gave rise to robust and effective methods by their natural function. The immune systems aroused the interest of researchers in the intrusion detection field, taking into account the similarities of natural immune system (NIS) and IDPS objectives. Within the framework of this work, we conceived an IDPS inspired from natural immune system and implemented by using a directed approach. A platform was developed and tests were carried out in order to assess our system performances.

A Two-Level Autonomous Intrusion Detection Model Inspired by the Immune System

International Journal of Research in Computer Science, 2014

There are several methods applied to distributed system security, which have the same absolute view of the intrusion. In their view, an operation could be legitimate or intrusive, which does not have any consistency with the complicated and heterogeneous nature of distributed systems. In this paper, a two-level multi-agent model is proposed whose first level determines the system's unsafe behaviors based on anomaly occurrence. Then, its second level calculates the probability of system log operations effectiveness in case an intrusion happens. If this probability is greater than the first-level prediction, the anomaly is known as intrusion, otherwise it is supposed as an unexpected legal behavior. Therefore, the false positive error probability will decrease. Also, the proposed multi-agent system utilizes the human immune system whose autonomous agents do not need maintenance and detects intrusions without relying on any other central elements, just by using their own learning and interaction capability.

Design and Implementation of an Intrusion Prevention System Inspired Immune Systems

Int. J. Netw. Secur., 2017

In view of the recent advances of communication and information technology along with the growing need for online networking, computer security has become a challenge to almost all the studies that have been carried out in this research axis. So far, various tools and mechanisms have been developed in order to guarantee a safety level up to the requirements of modern life. Among these, intrusion detection and prevention systems (IDPS) tend to locate activities or abnormal behaviors suspected to be detrimental to the correct operation of the system. In this respect, this work targets the design and the realization of an IDPS inspired from natural immune systems. The immune systems have aroused the interest of researchers in the intrusion detection field, taking into account the similarities of NIS (Natural Immune System) and IDPS objectives. Within the framework of this work, we conceived an IDPS inspired from natural immune system and implemented by using a directed approach. A platfo...

Immune System Based Intrusion Detection System (IS-IDS): A Proposed Model

IEEE Access, 2020

This paper explores the immunological model and implements it in the domain of intrusion detection on computer networks. The main objective of the paper is to monitor, log the network traffic and apply detection algorithms for detecting intrusions within the network. The proposed model mimics the natural Immune System (IS) by considering both of its layers, innate immune system and adaptive immune system respectively. The current work proposes Statistical Modeling based Anomaly Detection (SMAD) as the first layer of Intrusion Detection System (IDS). It works as the Innate Immune System (IIS) interface and captures the initial traffic of a network to find out the first-hand vulnerability. The second layer, Adaptive Immune-based Anomaly Detection (AIAD) has been considered for determining the features of the suspicious network packets for detection of anomaly. It imitates the adaptive immune system by taking into consideration the activation of the T-cells and the B-cells. It captures relevant features from header and payload portions for effective detection of intrusion. Experiments have been conducted on both the real-time network traffic and the standard datasets KDD99 and UNSW-NB15 for intrusion detection. The SMAD model yields as high as 96.04% true positive rate and around 97% true positive rate using real-time traffic and standard data sets. Highly suspicious traffic detected in the SMAD model is further tested for vulnerability in the AIAD model. Results show significant true positive rate, closer to almost 99% of accurately detecting the file-based and user-based anomalies for both the real-time traffic and standard data sets.

An Artificial Immune System Architecture for Computer Security Applications

IEEE Transactions on …, 2002

With increased global interconnectivity, reliance on e-commerce, network services, and Internet communication, computer security has become a necessity. Organizations must protect their systems from intrusion and computer-virus attacks. Such protection must detect anomalous patterns by exploiting known signatures while monitoring normal computer programs and network usage for abnormalities. Current antivirus and network intrusion detection (ID) solutions can become overwhelmed by the burden of capturing and classifying new viral strains and intrusion patterns. To overcome this problem, a self-adaptive distributed agent-based defense immune system based on biological strategies is developed within a hierarchical layered architecture. A prototype interactive system is designed, implemented in Java, and tested. The results validate the use of a distributed-agent biological-system approach toward the computer-security problems of virus elimination and ID.