A cooperative AIS framework for intrusion detection

Cited by: 14
Authors
Luther, Katja [1]
Bye, Rainer [1]
Alpcan, Tansu [2]
Mueller, Achim [2]
Albayrak, Sahin [1]
Affiliations
[1] Tech Univ Berlin, DAI Labor, Franklinstr 28, D-10587 Berlin, Germany
[2] Tech Univ Berlin, Deutsche Telekom Lab, D-10587 Berlin, Germany
Source
2007 IEEE INTERNATIONAL CONFERENCE ON COMMUNICATIONS, VOLS 1-14 | 2007
DOI
10.1109/ICC.2007.237
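Chinese Library Classification
TM [Electrical Engineering]; TN [Electronics and Communication Technology]
Discipline classification codes
0808; 0809
Abstract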
We present a cooperative intrusion detection approach inspired by biological immune system principles and P2P communication techniques to develop a distributed anomaly detection scheme. We utilize dynamic collaboration between individual artificial immune system (AIS) agents to address the well-known false positive problem in anomaly detection. The AIS agents use a set of detectors obtained through negative selection during a training phase and exchange status information and detectors on a periodical and event-driven basis, respectively. This cooperation scheme follows peer-to-peer communication principles in order to avoid a single point of failure and increase the robustness of the system. We illustrate our approach by means of two specific example scenarios in a novel network security simulator.
Pages: 1409 / +
Number of pages: 2