1
|
Limon-Cantu D, Alarcon-Aquino V. Multiresolution dendritic cell algorithm for network anomaly detection. PeerJ Comput Sci 2021; 7:e749. [PMID: 34805504 PMCID: PMC8576553 DOI: 10.7717/peerj-cs.749] [Citation(s) in RCA: 0] [Impact Index Per Article: 0] [Reference Citation Analysis] [Abstract] [Key Words] [Track Full Text] [Figures] [Journal Information] [Subscribe] [Scholar Register] [Received: 07/08/2021] [Accepted: 09/27/2021] [Indexed: 06/13/2023]
Abstract
Anomaly detection in computer networks is a complex task that requires the distinction of normality and anomaly. Network attack detection in information systems is a constant challenge in computer security research, as information systems provide essential services for enterprises and individuals. The consequences of these attacks could be the access, disclosure, or modification of information, as well as denial of computer services and resources. Intrusion Detection Systems (IDS) are developed as solutions to detect anomalous behavior, such as denial of service, and backdoors. The proposed model was inspired by the behavior of dendritic cells and their interactions with the human immune system, known as Dendritic Cell Algorithm (DCA), and combines the use of Multiresolution Analysis (MRA) Maximal Overlap Discrete Wavelet Transform (MODWT), as well as the segmented deterministic DCA approach (S-dDCA). The proposed approach is a binary classifier that aims to analyze a time-frequency representation of time-series data obtained from high-level network features, in order to classify data as normal or anomalous. The MODWT was used to extract the approximations of two input signal categories at different levels of decomposition, and are used as processing elements for the multi resolution DCA. The model was evaluated using the NSL-KDD, UNSW-NB15, CIC-IDS2017 and CSE-CIC-IDS2018 datasets, containing contemporary network traffic and attacks. The proposed MRA S-dDCA model achieved an accuracy of 97.37%, 99.97%, 99.56%, and 99.75% for the tested datasets, respectively. Comparisons with the DCA and state-of-the-art approaches for network anomaly detection are presented. The proposed approach was able to surpass state-of-the-art approaches with UNSW-NB15 and CSECIC-IDS2018 datasets, whereas the results obtained with the NSL-KDD and CIC-IDS2017 datasets are competitive with machine learning approaches.
Collapse
|
2
|
Applications of artificial immune systems to computer security: A survey. JOURNAL OF INFORMATION SECURITY AND APPLICATIONS 2017. [DOI: 10.1016/j.jisa.2017.06.007] [Citation(s) in RCA: 27] [Impact Index Per Article: 3.9] [Reference Citation Analysis] [Track Full Text] [Subscribe] [Scholar Register] [Indexed: 11/19/2022]
|
3
|
Liu R, Li J, Song X, Yu X, Jiao L. Simulated annealing-based immunodominance algorithm for multi-objective optimization problems. Knowl Inf Syst 2017. [DOI: 10.1007/s10115-017-1065-x] [Citation(s) in RCA: 3] [Impact Index Per Article: 0.4] [Reference Citation Analysis] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Indexed: 11/28/2022]
|
4
|
Liu R, Song X, Fang L, Jiao L. An r-dominance-based preference multi-objective optimization for many-objective optimization. Soft comput 2016. [DOI: 10.1007/s00500-016-2098-x] [Citation(s) in RCA: 11] [Impact Index Per Article: 1.4] [Reference Citation Analysis] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Indexed: 11/29/2022]
|
5
|
A survey of artificial immune system based intrusion detection. ScientificWorldJournal 2014; 2014:156790. [PMID: 24790549 PMCID: PMC3981469 DOI: 10.1155/2014/156790] [Citation(s) in RCA: 23] [Impact Index Per Article: 2.3] [Reference Citation Analysis] [Abstract] [Track Full Text] [Download PDF] [Figures] [Journal Information] [Subscribe] [Scholar Register] [Received: 11/28/2013] [Accepted: 12/30/2013] [Indexed: 11/17/2022] Open
Abstract
In the area of computer security, Intrusion Detection (ID) is a mechanism that attempts to discover abnormal access to computers by analyzing various interactions. There is a lot of literature about ID, but this study only surveys the approaches based on Artificial Immune System (AIS). The use of AIS in ID is an appealing concept in current techniques. This paper summarizes AIS based ID methods from a new view point; moreover, a framework is proposed for the design of AIS based ID Systems (IDSs). This framework is analyzed and discussed based on three core aspects: antibody/antigen encoding, generation algorithm, and evolution mode. Then we collate the commonly used algorithms, their implementation characteristics, and the development of IDSs into this framework. Finally, some of the future challenges in this area are also highlighted.
Collapse
|
6
|
Cai Q, Gong M, Ma L, Jiao L. A Novel Clonal Selection Algorithm for Community Detection in Complex Networks. Comput Intell 2014. [DOI: 10.1111/coin.12031] [Citation(s) in RCA: 18] [Impact Index Per Article: 1.8] [Reference Citation Analysis] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Indexed: 11/26/2022]
Affiliation(s)
- Qing Cai
- Key Laboratory of Intelligent Perception and Image Understanding of Ministry of Education; Xidian University, Xi'an; China
| | - Maoguo Gong
- Key Laboratory of Intelligent Perception and Image Understanding of Ministry of Education; Xidian University, Xi'an; China
| | - Lijia Ma
- Key Laboratory of Intelligent Perception and Image Understanding of Ministry of Education; Xidian University, Xi'an; China
| | - Licheng Jiao
- Key Laboratory of Intelligent Perception and Image Understanding of Ministry of Education; Xidian University, Xi'an; China
| |
Collapse
|
7
|
|
8
|
Mohammadi M, Raahemi B, Akbari A, Nassersharif B, Moeinzadeh H. Improving linear discriminant analysis with artificial immune system-based evolutionary algorithms. Inf Sci (N Y) 2012. [DOI: 10.1016/j.ins.2011.11.032] [Citation(s) in RCA: 17] [Impact Index Per Article: 1.4] [Reference Citation Analysis] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Indexed: 11/28/2022]
|
9
|
|
10
|
Algorithms in nature: the convergence of systems biology and computational thinking. Mol Syst Biol 2011; 7:546. [PMID: 22068329 PMCID: PMC3261700 DOI: 10.1038/msb.2011.78] [Citation(s) in RCA: 73] [Impact Index Per Article: 5.6] [Reference Citation Analysis] [Abstract] [Track Full Text] [Download PDF] [Figures] [Journal Information] [Subscribe] [Scholar Register] [Received: 05/17/2011] [Accepted: 09/07/2011] [Indexed: 01/30/2023] Open
Abstract
Biologists rely on computational methods to analyze and integrate large data sets, while several computational methods were inspired by the high-level design principles of biological systems. This Perspectives discusses the recent convergence of these two ways of thinking. Computer science and biology have enjoyed a long and fruitful relationship for decades. Biologists rely on computational methods to analyze and integrate large data sets, while several computational methods were inspired by the high-level design principles of biological systems. Recently, these two directions have been converging. In this review, we argue that thinking computationally about biological processes may lead to more accurate models, which in turn can be used to improve the design of algorithms. We discuss the similar mechanisms and requirements shared by computational and biological processes and then present several recent studies that apply this joint analysis strategy to problems related to coordination, network analysis, and tracking and vision. We also discuss additional biological processes that can be studied in a similar manner and link them to potential computational problems. With the rapid accumulation of data detailing the inner workings of biological systems, we expect this direction of coupling biological and computational studies to greatly expand in the future.
Collapse
|
11
|
Mohammad AH, Zitar RA. Application of genetic optimized artificial immune system and neural networks in spam detection. Appl Soft Comput 2011. [DOI: 10.1016/j.asoc.2011.02.021] [Citation(s) in RCA: 15] [Impact Index Per Article: 1.2] [Reference Citation Analysis] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Indexed: 10/18/2022]
|
12
|
|
13
|
Haktanirlar Ulutas B, Kulturel-Konak S. A review of clonal selection algorithm and its applications. Artif Intell Rev 2011. [DOI: 10.1007/s10462-011-9206-1] [Citation(s) in RCA: 87] [Impact Index Per Article: 6.7] [Reference Citation Analysis] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Indexed: 11/29/2022]
|
14
|
Liu R, Jiao L, Li Y, Liu J. An immune memory clonal algorithm for numerical and combinatorial optimization. ACTA ACUST UNITED AC 2010. [DOI: 10.1007/s11704-010-0573-6] [Citation(s) in RCA: 3] [Impact Index Per Article: 0.2] [Reference Citation Analysis] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Indexed: 11/30/2022]
|
15
|
Zhao X, Liu G, Liu H, Zhao G, Niu S. A New Clonal Selection Immune Algorithm with Perturbation Guiding Search and Non-uniform Hypermutation. INT J COMPUT INT SYS 2010. [DOI: 10.1080/18756891.2010.9727749] [Citation(s) in RCA: 0] [Impact Index Per Article: 0] [Reference Citation Analysis] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Indexed: 10/26/2022] Open
|
16
|
Timmis J, Andrews P, Hart E. On artificial immune systems and swarm intelligence. SWARM INTELLIGENCE 2010. [DOI: 10.1007/s11721-010-0045-5] [Citation(s) in RCA: 34] [Impact Index Per Article: 2.4] [Reference Citation Analysis] [Track Full Text] [Subscribe] [Scholar Register] [Indexed: 11/24/2022]
|
17
|
|
18
|
|
19
|
Hong H, Wenli D, Feng Q, Weimin Z. Operation Condition Optimization of p-Xylene Oxidation Reaction Process Based on a Fuzzy Adaptive Immune Algorithm. Ind Eng Chem Res 2010. [DOI: 10.1021/ie900969c] [Citation(s) in RCA: 11] [Impact Index Per Article: 0.8] [Reference Citation Analysis] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Indexed: 11/28/2022]
Affiliation(s)
- He Hong
- College of Information, Mechanical and Electronic Engineering, Shanghai Normal University, Shanghai 201418, China, Key Laboratory of Advanced Control and Optimization for Chemical Processes, Ministry of Education, and State-Key Laboratory of Chemical Engineering, East China University of Science and Technology, Shanghai 200237, China
| | - Du Wenli
- College of Information, Mechanical and Electronic Engineering, Shanghai Normal University, Shanghai 201418, China, Key Laboratory of Advanced Control and Optimization for Chemical Processes, Ministry of Education, and State-Key Laboratory of Chemical Engineering, East China University of Science and Technology, Shanghai 200237, China
| | - Qian Feng
- College of Information, Mechanical and Electronic Engineering, Shanghai Normal University, Shanghai 201418, China, Key Laboratory of Advanced Control and Optimization for Chemical Processes, Ministry of Education, and State-Key Laboratory of Chemical Engineering, East China University of Science and Technology, Shanghai 200237, China
| | - Zhong Weimin
- College of Information, Mechanical and Electronic Engineering, Shanghai Normal University, Shanghai 201418, China, Key Laboratory of Advanced Control and Optimization for Chemical Processes, Ministry of Education, and State-Key Laboratory of Chemical Engineering, East China University of Science and Technology, Shanghai 200237, China
| |
Collapse
|
20
|
|
21
|
Cooper EL. Evolution of immune systems from self/not self to danger to artificial immune systems (AIS). Phys Life Rev 2010; 7:55-78. [DOI: 10.1016/j.plrev.2009.12.001] [Citation(s) in RCA: 49] [Impact Index Per Article: 3.5] [Reference Citation Analysis] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Received: 10/15/2009] [Revised: 11/02/2009] [Accepted: 12/18/2009] [Indexed: 01/04/2023]
|
22
|
Wu SX, Banzhaf W. The use of computational intelligence in intrusion detection systems: A review. Appl Soft Comput 2010. [DOI: 10.1016/j.asoc.2009.06.019] [Citation(s) in RCA: 216] [Impact Index Per Article: 15.4] [Reference Citation Analysis] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Indexed: 10/20/2022]
|
23
|
Gong M, Jiao L, Liu F, Ma W. Immune algorithm with orthogonal design based initialization, cloning, and selection for global optimization. Knowl Inf Syst 2009. [DOI: 10.1007/s10115-009-0261-8] [Citation(s) in RCA: 17] [Impact Index Per Article: 1.1] [Reference Citation Analysis] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Indexed: 10/20/2022]
|
24
|
Igawa K, Ohashi H. A negative selection algorithm for classification and reduction of the noise effect. Appl Soft Comput 2009. [DOI: 10.1016/j.asoc.2008.05.003] [Citation(s) in RCA: 36] [Impact Index Per Article: 2.4] [Reference Citation Analysis] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Indexed: 11/25/2022]
|
25
|
Gong M, Jiao L, Zhang X. A population-based artificial immune system for numerical optimization. Neurocomputing 2008. [DOI: 10.1016/j.neucom.2007.12.041] [Citation(s) in RCA: 43] [Impact Index Per Article: 2.7] [Reference Citation Analysis] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Indexed: 11/26/2022]
|
26
|
He H, Qian F, Du W. A chaotic immune algorithm with fuzzy adaptive parameters. ASIA-PAC J CHEM ENG 2008. [DOI: 10.1002/apj.204] [Citation(s) in RCA: 6] [Impact Index Per Article: 0.4] [Reference Citation Analysis] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Indexed: 11/05/2022]
|
27
|
Markowska-Kaczmar U, Kordas B. Multi-class iteratively refined negative selection classifier. Appl Soft Comput 2008. [DOI: 10.1016/j.asoc.2007.07.012] [Citation(s) in RCA: 12] [Impact Index Per Article: 0.8] [Reference Citation Analysis] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Indexed: 11/27/2022]
|
28
|
|
29
|
|
30
|
Gong M, Jiao L, Du H, Bo L. Multiobjective immune algorithm with nondominated neighbor-based selection. EVOLUTIONARY COMPUTATION 2008; 16:225-255. [PMID: 18554101 DOI: 10.1162/evco.2008.16.2.225] [Citation(s) in RCA: 102] [Impact Index Per Article: 6.4] [Reference Citation Analysis] [Abstract] [MESH Headings] [Track Full Text] [Subscribe] [Scholar Register] [Indexed: 05/26/2023]
Abstract
Abstract Nondominated Neighbor Immune Algorithm (NNIA) is proposed for multiobjective optimization by using a novel nondominated neighbor-based selection technique, an immune inspired operator, two heuristic search operators, and elitism. The unique selection technique of NNIA only selects minority isolated nondominated individuals in the population. The selected individuals are then cloned proportionally to their crowding-distance values before heuristic search. By using the nondominated neighbor-based selection and proportional cloning, NNIA pays more attention to the less-crowded regions of the current trade-off front. We compare NNIA with NSGA-II, SPEA2, PESA-II, and MISA in solving five DTLZ problems, five ZDT problems, and three low-dimensional problems. The statistical analysis based on three performance metrics including the coverage of two sets, the convergence metric, and the spacing, show that the unique selection method is effective, and NNIA is an effective algorithm for solving multiobjective optimization problems. The empirical study on NNIA's scalability with respect to the number of objectives shows that the new algorithm scales well along the number of objectives.
Collapse
Affiliation(s)
- Maoguo Gong
- Key Laboratory of Intelligent Perception and Image Understanding of Ministry of Education of China, Institute of Intelligent Information Processing, Xidian University, Xi'an, China.
| | | | | | | |
Collapse
|
31
|
Abstract
Here I present the idea that the immune system uses a computational strategy to carry out its many functions in protecting and maintaining the body. Along the way, I define the concepts of computation, Turing machines and system states. I attempt to show that reframing our view of the immune system in computational terms is worth our while.
Collapse
Affiliation(s)
- Irun R Cohen
- Department of Immunology, The Weizmann Institute of Science, Rehovot 76100, Israel.
| |
Collapse
|
32
|
|
33
|
|
34
|
Gao XZ, Ovaska SJ, Wang X, Chow MY. A neural networks-based negative selection algorithm in fault diagnosis. Neural Comput Appl 2007. [DOI: 10.1007/s00521-007-0092-z] [Citation(s) in RCA: 17] [Impact Index Per Article: 1.0] [Reference Citation Analysis] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Indexed: 11/24/2022]
|
35
|
Guzella TS, Mota-Santos TA, Caminhas WM. A Novel Immune Inspired Approach to Fault Detection. LECTURE NOTES IN COMPUTER SCIENCE 2007. [DOI: 10.1007/978-3-540-73922-7_10] [Citation(s) in RCA: 3] [Impact Index Per Article: 0.2] [Reference Citation Analysis] [Track Full Text] [Subscribe] [Scholar Register] [Indexed: 12/01/2022]
|
36
|
Abstract
This paper reviews the progress of negative selection algorithms, an anomaly/change detection approach in Artificial Immune Systems (AIS). Following its initial model, we try to identify the fundamental characteristics of this family of algorithms and summarize their diversities. There exist various elements in this method, including data representation, coverage estimate, affinity measure, and matching rules, which are discussed for different variations. The various negative selection algorithms are categorized by different criteria as well. The relationship and possible combinations with other AIS or other machine learning methods are discussed. Prospective development and applicability of negative selection algorithms and their influence on related areas are then speculated based on the discussion.
Collapse
Affiliation(s)
- Zhou Ji
- AutoZone, Inc., Memphis, TN 38103, USA.
| | | |
Collapse
|
37
|
|
38
|
Clonal Selection Algorithms: A Comparative Case Study Using Effective Mutation Potentials. LECTURE NOTES IN COMPUTER SCIENCE 2005. [DOI: 10.1007/11536444_2] [Citation(s) in RCA: 68] [Impact Index Per Article: 3.6] [Reference Citation Analysis] [Track Full Text] [Subscribe] [Scholar Register] [Indexed: 01/01/2023]
|