An Artificial Immune System-Inspired Multiobjective Evolutionary Algorithm with Application to the Detection of Distributed Computer Network Intrusions

  • Conference paper
Artificial Immune Systems (ICARIS 2007)

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 4628)

Abstract

Contemporary signature-based intrusion detection systems are reactive in nature and are storage-limited. Their operation depends upon identifying an instance of an intrusion or virus and encoding it into a signature that is stored in its anomaly database, providing a window of vulnerability to computer systems during this time. Further, the maximum size of an Internet Protocol-based message requires a huge database in order to maintain possible signature combinations. To tighten this response cycle within storage constraints, this paper presents an innovative artificial immune system (AIS) integrated with a multiobjective evolutionary algorithm (MOEA). This new distributed intrusion detection system (IDS) design is intended to measure the vector of tradeoff solutions among detectors with regard to two independent objectives: best classification fitness and multiobjective hypervolume size. AIS antibody detectors promiscuously monitor network traffic for exact and variant abnormal system events based on only the detector’s own data structure and the application domain truth set. Applied to the MIT-DARPA 1999 insider intrusion detection data set, this new software-engineered AIS-MOEA IDS called jREMISA correctly classifies normal and abnormal events at a relatively high statistical level, which is directly attributed to finding the proper detector affinity threshold.


Editor information

Leandro Nunes de Castro, Fernando José Von Zuben, Helder Knidel

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Haag, C.R., Lamont, G.B., Williams, P.D., Peterson, G.L. (2007). An Artificial Immune System-Inspired Multiobjective Evolutionary Algorithm with Application to the Detection of Distributed Computer Network Intrusions. In: de Castro, L.N., Von Zuben, F.J., Knidel, H. (eds) Artificial Immune Systems. ICARIS 2007. Lecture Notes in Computer Science, vol 4628. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-73922-7_36

  • DOI: https://doi.org/10.1007/978-3-540-73922-7_36

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-73921-0

  • Online ISBN: 978-3-540-73922-7

  • eBook Packages: Computer Science (R0)
