Abstract

The assurance of security within a network is difficult due to the variations of attacks. This research conducts various experiments to implement an Artificial Immune System based Intrusion Detection System to identify intrusions using the Negative Selection Algorithm. This research explores the implementation of an Artificial Immune System opposed to the industry standard of machine learning. Various experiments were conducted to identify a method to separate data to avoid false-positive results. The use of an Artificial Immune System requires a self and nonself classification to determine if an intrusion is present within the network. The results of an Artificial Immune System based Intrusion Detection System achieved high accuracy when the data records were separated by service. The Negative Selection Algorithm created a range and it provided detectors to determine if an intrusion was present based off of the threshold. The threshold is the number of detectors that must be triggered for the system to identify an intrusion. Many services were unusable as they did contain the requirement of both self and nonself data records, that did not overlap. The results were high accuracies in general for the remaining tested services.

Share

COinS
 

Experiments with Applying Artificial Immune System in Network Attack Detection

The assurance of security within a network is difficult due to the variations of attacks. This research conducts various experiments to implement an Artificial Immune System based Intrusion Detection System to identify intrusions using the Negative Selection Algorithm. This research explores the implementation of an Artificial Immune System opposed to the industry standard of machine learning. Various experiments were conducted to identify a method to separate data to avoid false-positive results. The use of an Artificial Immune System requires a self and nonself classification to determine if an intrusion is present within the network. The results of an Artificial Immune System based Intrusion Detection System achieved high accuracy when the data records were separated by service. The Negative Selection Algorithm created a range and it provided detectors to determine if an intrusion was present based off of the threshold. The threshold is the number of detectors that must be triggered for the system to identify an intrusion. Many services were unusable as they did contain the requirement of both self and nonself data records, that did not overlap. The results were high accuracies in general for the remaining tested services.

 

To view the content in your browser, please download Adobe Reader or, alternately,
you may Download the file to your hard drive.

NOTE: The latest versions of Adobe Reader do not support viewing PDF files within Firefox on Mac OS and if you are using a modern (Intel) Mac, there is no official plugin for viewing PDF files within the browser window.