Distributed Agent Based Model for Intrusion Detection System Based on Artificial Immune System
Related papers
AN IMMUNE AGENTS SYSTEM FOR NETWORK INTRUSIONS DETECTION
With the growing development of network technology, computer networks have become increasingly wide and open. This evolution gave birth to new techniques allowing accessibility of networks and information systems with the aim of facilitating transactions. Consequently, these techniques also gave birth to new forms of threats. In this article, we present the utility of using an intrusion detection system through a presentation of its characteristics. Using the biological immune system as inspiration, we propose a model of an artificial immune system which is integrated into the behavior of agents distributed on the network in order to ensure good detection of intrusions. We also present the internal structure of the immune agents and their capacity to distinguish between self and non-self. The agents are able to carry out simultaneous treatments, are able to adapt automatically to the evolution of the environment, and also have the property of distributed coordination.
ARTIFICIAL IMMUNE SYSTEM BASED INTRUSION DETECTION SYSTEMS-A COMPREHENSIVE REVIEW
An Intrusion Detection System (IDS) helps us to identify the abnormalities and attacks that can affect the confidentiality, integrity, and availability of the system or network. IDS has a close connection with the processes and mechanisms of Human Immune Systems (HIS), which help to identify pathogens that can cause harmful diseases in human beings. So it is obvious that mechanisms inspired by HIS can also be used in IDS, whose primary function is to detect malicious packets. Artificial immune systems (AIS) thus come into effect, mimicking the processes used by HIS to detect and avoid harmful pathogens. This paper gives a modest insight into intrusion detection techniques that are based on AIS. The works discussed here mainly concentrate on distributed agent based systems. The commonly used algorithms in AIS based IDS are collated, and the limitations of existing work as well as future directions in this respect are discussed.
Intrusion Detection System using Artificial Immune Systems: A Case Study
International journal of advanced research in computer science and software engineering, 2018
Networks are working at their apical efficiency and are increasing in size by every second; emergence of various threats becomes hindrance in the growth and privacy of the users. The network is vulnerable to security breaches, due to malicious nodes. Intrusion detection systems aim at removing this vulnerability. In this paper, intrusion detection mechanisms for large-scale dynamic networks are investigated. Artificial immune system is a concept that works to protect a network the way immune systems of vertebrates work in nature. This paper also illustrates this artificial immune system, the integration of bio-inspired algorithms, and its functionality with the computer networks.
Distributed Network Intrusion Detection System: An Artificial Immune System Approach
Intrusion detection is the identification of unauthorized use, misuse, and abuse of computer system infrastructures by both system insiders and external intruders. Detecting intrusion in distributed network from outside network segment as well as from inside is a difficult problem. Network based Intrusion Detection System (NIDS) must analyze a large volume of data while not placing a significant added load on the monitoring systems and networks. This paper presents a framework for a distributed network intrusion detection system (dNIDS) based on the artificial immune system concept. In this framework, an adaptive immune mechanism through supervised machine learning methods is proposed to classify network traffic into either normal ("self") and suspicious profiles ("non-self") respectively. Experimentally, our approach distributes the NIDS among all connected network segments, allowing NIDS in each segment to identify potential threats individually and enabling the sharing of identified threat vectors between the communicating distributed NIDSs. Analysis of the technique for distribution of this information about threat vectors is presented.
A Review on Hybrid Intrusion Detection System using Artificial Immune System Approaches
International Journal of Computer Applications, 2013
With the growing advances in technology, the use of computer systems and the internet is also growing at a rapid rate, and with the increase in their usage, vulnerabilities and threats are also increasing tremendously. A large number of approaches have been proposed till now for improving the security of a host system and a network. One of the proposed approaches is an Intrusion Detection System (IDS). An IDS that works for a system is referred to as a Host IDS, and one that works for a network is referred to as a Network IDS. But their functionality is specific to a particular host and a network; one does not work as an alternative to the other. Thus, an IDS is needed that overcomes the drawbacks of both systems and combines their advantages to form a Hybrid Intrusion Detection System. A Hybrid IDS captures both host and network data and thereby applies an analysis approach. In order to make these systems robust and effective, biologically inspired Artificial Immune System (AIS) approaches can be used that make the system flexible enough to work in every scenario. This paper provides a review of various IDS and the application of various AIS approaches to them.
A Survey of Artificial Immune System based Network Intrusion Detection System
Increased property and additionally the employment of cyberspace have exposed the subversion before of the organizations; therefore there is a need to use an intrusion detection system to protect information systems and communication networks from malicious attacks and unauthorized access. An intrusion detection system (IDS) is also a security system that monitors portable computer systems and network traffic, analyzes that traffic to identify possible security breaches, and raises alerts. An IDS triggers thousands of alerts per day, which makes it hard for human users to analyze them and take appropriate actions. It is very important to cut back the warning alerts and to intelligently integrate and correlate them so as to present a high-level view of the detected security issue to the administrator.
A Network Intrusion Detection Model Based on Immune Multi-Agent
Int'l J. of Communications, Network and System Sciences, 2009
A new network intrusion detection model based on immune multi-agent theory is established, and the concept of multi-agents is advanced to realize the logical structure and running mechanism of immune multi-agents as well as a multi-level and distributed detection mechanism against network intrusion, using the adaptability, diversity and memory properties of the artificial immune algorithm and combining the robustness and distributed character of the multi-agent system structure. The experiment results conclude that this system is working pretty well in network security detection.
Immune System Based Intrusion Detection System (IS-IDS): A Proposed Model
IEEE Access, 2020
This paper explores the immunological model and implements it in the domain of intrusion detection on computer networks. The main objective of the paper is to monitor, log the network traffic and apply detection algorithms for detecting intrusions within the network. The proposed model mimics the natural Immune System (IS) by considering both of its layers, innate immune system and adaptive immune system respectively. The current work proposes Statistical Modeling based Anomaly Detection (SMAD) as the first layer of Intrusion Detection System (IDS). It works as the Innate Immune System (IIS) interface and captures the initial traffic of a network to find out the first-hand vulnerability. The second layer, Adaptive Immune-based Anomaly Detection (AIAD) has been considered for determining the features of the suspicious network packets for detection of anomaly. It imitates the adaptive immune system by taking into consideration the activation of the T-cells and the B-cells. It captures relevant features from header and payload portions for effective detection of intrusion. Experiments have been conducted on both the real-time network traffic and the standard datasets KDD99 and UNSW-NB15 for intrusion detection. The SMAD model yields as high as 96.04% true positive rate and around 97% true positive rate using real-time traffic and standard data sets. Highly suspicious traffic detected in the SMAD model is further tested for vulnerability in the AIAD model. Results show significant true positive rate, closer to almost 99% of accurately detecting the file-based and user-based anomalies for both the real-time traffic and standard data sets.
Computer Communications, 2007
There is a strong correlation between the human immune system and a computer network security system. The human immune system protects the human body from pathogenic elements in the same way that a computer security system protects the computer from malicious users. This paper presents a novel intrusion detection model based on artificial immune and mobile agent paradigms for network intrusion detection. The construction of the model is based on registries' signature analysis using both the Syslog-ng and Logcheck Unix tools. The tasks of monitoring, distributing intrusion detection workload, storing relevant information, and ensuring data persistence and reactivity have been carried out by the mobile agents, which represent the leukocytes of an artificial immune system. Our real-time based intrusion detection and communication model is host-based and adopts the anomaly detection paradigm. We present our intrusion detection model, discuss its implementation, and report on its performance evaluation using real data provided by an Internet Service Provider and a data processing corporation.