Abstract
Inspired by biological immune systems, a new immune-based model for computer virus detection is proposed in this paper. Quantitative description of the model is given. A dynamic evolution model for self/nonself description is presented, which reduces the size of self set. Furthermore, an evolutive gene library is introduced to improve the generating efficiency of mature detectors, reducing the system time spending, false-negative and false-positive rates. Experiments show that this model has better time efficiency and detecting ability than the classical model ARTIS.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
F-Secure Corporation’s Data Security Summary for 2004. F-Secure Corporation (April 2005), Available http://www.f-secure.com/2004/
Staniford, S., Paxson, V., Weaver, N.: How to own the internet in your spare time. In: Proc. of the USENIX Security Symposium, San Francisco, Marriott (2002)
Cohen, F.: Computer viruses: theory and experiments. Computers and Security 6, 22–35 (1987)
Spafford, E.H.: Computer Viruses—A Form of Artificial Life? Technical Report, Purdue University (1994)
Swimmer, M.: Dynamic detection and classification of computer viruses using general behavior patterns. In: Proc. of the Fifth International Virus Bulletin Conference, Boston (1995)
Albert, R., Jeong, H., Barabasi, A.L.: Diameter of the world wide web. Nature 401, 130–131 (1999)
Lloyd, A.L., May, R.M.: How viruses spread among computers and people. Science 292, 1316–1317 (2002)
Newman, M.E.J., Forrest, S., Balthrop, J.: Email networks and the spread of computer viruses. Phys. Rev. EÂ 66(035101) (2002)
Albert, R., Jeong, H., Barabasi, A.L.: Attack and error tolerance of complex networks. Nature 406, 378–382 (2002)
Callaway, D.S., Newman, M.E.J., Strogatz, S.H., Watts, D.J.: Network robustness and fragility: percolation on random graphs. Phys. Rev. Lett. 85, 5468–5471 (2002)
Balthrop, J., Forrest, S., Newman, M.E.J., Williamson, M.M.: Technological networks and the spread of computer viruses. Science 304, 527–529 (2004)
Perelson, A.S., Weisbuch, G.: Immunology for physicists. Review of Modern Physics 69(4), 1219–1263 (1997)
De Castro, L.N., Timmis, J.I.: Artificial immune systems as a novel soft computing paradigm. Soft Computing Journal 7(8), 526–544 (2003)
Li, T.: An Introduction to Computer Network Security. Publishing House of Electronics Industry, Beijing (2004)
Li, T.: Computer Immunology. Publishing House of Electronics Industry, Beijing (2004)
Forrest, S., Perelson, A.S.: Self-nonself discrimination in a computer. In: Proc. of IEEE Symposium on Security and Privacy, Oakland, pp. 202–213 (1994)
Hofmeyr, S.: An Immunological Model of Distributed Detection and its Application to Computer Security. Ph.D. dissertation, Univ. New Mexico (1999)
Hofmeyr, S., Forrest, S.: Architecture for an artificial immune system. Evolutionary Computation 8(4), 443–473 (2000)
Kephart, J.O., Arnold, W.C.: Automatic extraction of computer virus signatures. In: Proc. of the Fourth International Virus Bulletin Conference, St. Helier, Jersey, UK (1994)
Kephart, J.O., Sorkin, G.B., Swimmer, M., White, S.R.: Blueprint for a computer immune system. In: Proc. of the 1997 International Virus Bulletin Conference, San Francisco, California (1997)
Okamoto, T., Ishida, Y.: A distributed approach against computer viruses inspired by the immune system. IEICE Trans. on Communication E83-B(5), 908–915 (2000)
Harmer, P.K., Williams, P.D., Gunsch, G.H., Lamont, G.B.: An artificial immune system architecture for computer security applications. IEEE Transactions on Evolutionary Computation 6(3), 252–280 (2002)
Rabiner, L.: A tutorial on Hidden Markov Models and selected applications in speech recognition. Proc. of the IEEE 77(2), 257–286 (1989)
Jensen, R.S.: Immune system for virus detection and elimination. Master’s Thesis, Technical University of Denmark, DTU (2002)
LISYS (April 2005), Available http://www.cs.unm.edu/~forrest/software/lisys/
Li, T.: An immunity based network security risk estimation. Science in China Ser. F Information Sciences 48(5), 798–816 (2005)
Li, T.: An immune based dynamic intrusion detection model. Chinese Science Bulletin 50(17) (2005)
Li, T.: A new model of immune-based network surveillance and dynamic computer forensics. In: Wang, L., Chen, K., S. Ong, Y. (eds.) ICNC 2005. LNCS, vol. 3611, pp. 799–808. Springer, Heidelberg (2005)
Xu, C., Li, T.: A weather forecast system based on artificial immune system. In: Wang, L., Chen, K., S. Ong, Y. (eds.) ICNC 2005. LNCS, vol. 3611, pp. 795–798. Springer, Heidelberg (2005)
Shen, J., Xie, S.: Probability and Statistics. Higher Education Press, Beijing (1989)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Li, T., Liu, X., Li, H. (2005). An Immune-Based Model for Computer Virus Detection. In: Desmedt, Y.G., Wang, H., Mu, Y., Li, Y. (eds) Cryptology and Network Security. CANS 2005. Lecture Notes in Computer Science, vol 3810. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11599371_6
Download citation
DOI: https://doi.org/10.1007/11599371_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-30849-2
Online ISBN: 978-3-540-32298-6
eBook Packages: Computer ScienceComputer Science (R0)