Abstract:
An intrusion detection model, AINIDS (an artificial immunological network intrusion detection system), based on the biological immune mechanism is given. It consists of two types of components: detectors and monitor agents. The detectors derive from LISYS (a network-based IDS given by Hofmeyr) and have the same advantages as LISYS, such as distributability, diversity, error tolerance, dynamic defense, adaptability, and tight integration of anomaly detection techniques with misuse detection techniques. Three monitor agents in AINIDS provide the co-stimulation signal to the detectors in order to effectively reduce false positive alarms. These agents monitor whether the integrity, confidentiality, or availability, respectively, of a crucial computer system has been compromised. Since AINIDS adopts a more objective and reasonable co-stimulation mechanism than LISYS, based on the definition of intrusion and on the principles of biological immunity, it has a very low false positive rate. Preliminary experimental results show the effectiveness of our system.
Keywords:
computer network management; evolutionary computation; security of data; LISYS; anomaly detection; artificial immunological network intrusion detection; computer system; immune mechanism; integrity; intrusion detection; intrusion detection model; misuse detection; Biological system modeling; Biology computing; Computer architecture; Computer networks; Computerized monitoring; Detectors; Immune system; Intrusion detection; Libraries; Signal detection
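As an added illustration of the co-stimulation mechanism the abstract describes (this is not the paper's code): LISYS-style detectors are binary strings trained by negative selection against a self set and matched with the r-contiguous-bits rule, and a detector match is confirmed as an alarm only when at least one of the three monitor agents (integrity, confidentiality, availability) co-stimulates it. The bit length, the value of r, the host-state fields and the agent predicates are assumptions, and all sample data is constructed.

```python
"""Toy AINIDS-style detector/co-stimulation model (added example, not the paper's code).
Assumptions not stated in the abstract: 8-bit detectors, r-contiguous matching with
r=4 (the LISYS matching rule), negative selection against a constructed self set, and
three monitor agents implemented as predicates over a constructed host-state record."""
import random

R = 4  # contiguous bits required for a match (assumption)


def r_contiguous_match(detector, pattern, r=R):
    """True if detector and pattern agree in r contiguous positions (aligned)."""
    return any(detector[i:i + r] == pattern[i:i + r]
               for i in range(len(pattern) - r + 1))


def negative_selection(self_set, length, n, seed):
    """Generate n mature detectors: random candidates that match no self string."""
    rng = random.Random(seed)
    detectors = []
    while len(detectors) < n:
        cand = "".join(rng.choice("01") for _ in range(length))
        if not any(r_contiguous_match(cand, s) for s in self_set):
            detectors.append(cand)
    return detectors


# Three monitor agents; each returns True when its security property is compromised.
MONITOR_AGENTS = {
    "integrity": lambda st: st["file_hashes_changed"] > 0,
    "confidentiality": lambda st: st["unauthorized_reads"] > 0,
    "availability": lambda st: st["cpu_load"] > 0.95 or st["conn_failures"] > 100,
}


def costimulation(host_state):
    """Names of the agents currently providing a co-stimulation signal."""
    return [name for name, check in MONITOR_AGENTS.items() if check(host_state)]


def classify(detectors, pattern, host_state):
    """Return (detector_matched, costimulating_agents, confirmed_alarm).

    A bare detector match without co-stimulation is treated as a suppressed
    false positive; an alarm is raised only when an agent confirms compromise."""
    matched = any(r_contiguous_match(d, pattern) for d in detectors)
    agents = costimulation(host_state) if matched else []
    return matched, agents, matched and bool(agents)
```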