An Adaptive LAN Intrusion Detection System Based on Computer Immunology

It is very useful to design adaptive LAN intrusion detection systems to improve the security of LANs. If a network connection links to an open port of an active host, it is defined as a normal one; otherwise, it is defined as an abnormal one. Rationality of the definitions is proved. Normal connecti...

Full description

Saved in:
Bibliographic Details
Main Authors: Tie-Shan Zhao, Zeng-Zhi Li, Ze-Min Wang, Xiao-Jun Lin
Format: Conference Proceeding
Language:English
Subjects:
Adaptive
Biological system modeling
Biology computing
Computational modeling
Computer immunology
Computer networks
Computer security
Correct and complete self-body set
Educational institutions
Immune system
Internet
Intrusion detection
Intrusion detection system
Local area networks
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:It is very useful to design adaptive LAN intrusion detection systems to improve the security of LANs. If a network connection links to an open port of an active host, it is defined as a normal one; otherwise, it is defined as an abnormal one. Rationality of the definitions is proved. Normal connections are self-bodies. A correct and complete self-body set can be used for an antibody set. If a new network connection doesn't match any self-body, it is abnormal. An adaptive antibody generation model is presented firstly. Based on it, an adaptive intrusion detection system is introduced. Experiments show that the system is feasible: the detection rate of intruders' scans is 100%, of intruders' random probes is more than 98%, and there are no false alerts.
DOI:10.1109/ROBIO.2007.4522517