The University of Southampton
University of Southampton Institutional Repository

Evolving discrete-valued anomaly detectors for a network intrusion detection system using negative selection

Evolving discrete-valued anomaly detectors for a network intrusion detection system using negative selection
Evolving discrete-valued anomaly detectors for a network intrusion detection system using negative selection
Network intrusion detection is the problem of detecting unauthorised use of, or access to, computer systems over a network. One approach is anomaly detection, where deviations from a model of normal network activity are reported. The negative selection algorithm, inspired by the immune system, can be used to generate anomaly detectors. Previous work has applied a genetic algorithm to generate real-valued detectors. However, we argue that at least some discrete fields are required in detectors, e.g. the port number. The system reported in this paper evolves discrete-valued detectors, which we show are able to outperform real-valued detectors.
artificial immune system, intrusion detection, negative selection
41-48
Powers, Simon T.
99f673bb-debc-4c1f-90d3-78724a6020bb
He, Jun
d190c383-8093-4c9c-aade-c3a1fb3ae78f
Wang, Xue Z.
5d5284a7-dc3f-4741-9dcb-6353f2529347
Li, Rui Fa
1853c957-b633-4c46-86ce-6258709cfa76
Powers, Simon T.
99f673bb-debc-4c1f-90d3-78724a6020bb
He, Jun
d190c383-8093-4c9c-aade-c3a1fb3ae78f
Wang, Xue Z.
5d5284a7-dc3f-4741-9dcb-6353f2529347
Li, Rui Fa
1853c957-b633-4c46-86ce-6258709cfa76

Powers, Simon T. and He, Jun (2006) Evolving discrete-valued anomaly detectors for a network intrusion detection system using negative selection. Wang, Xue Z. and Li, Rui Fa (eds.) the 6th UK Workshop on Computational Intelligence (UKCI'06), University of Leeds. pp. 41-48 .

Record type: Conference or Workshop Item (Paper)

Abstract

Network intrusion detection is the problem of detecting unauthorised use of, or access to, computer systems over a network. One approach is anomaly detection, where deviations from a model of normal network activity are reported. The negative selection algorithm, inspired by the immune system, can be used to generate anomaly detectors. Previous work has applied a genetic algorithm to generate real-valued detectors. However, we argue that at least some discrete fields are required in detectors, e.g. the port number. The system reported in this paper evolves discrete-valued detectors, which we show are able to outperform real-valued detectors.

Text
2006ukci.pdf - Other
Download (162kB)

More information

Published date: 2006
Additional Information: Event Dates: 04/09/2006
Venue - Dates: the 6th UK Workshop on Computational Intelligence (UKCI'06), University of Leeds, 2006-09-04
Keywords: artificial immune system, intrusion detection, negative selection
Organisations: Electronics & Computer Science

Identifiers

Local EPrints ID: 264052
URI: http://eprints.soton.ac.uk/id/eprint/264052
PURE UUID: e84b3140-ff7f-47a8-a598-580162147beb

Catalogue record

Date deposited: 23 May 2007
Last modified: 14 Mar 2024 07:41

Export record

Contributors

Author: Simon T. Powers
Author: Jun He
Editor: Xue Z. Wang
Editor: Rui Fa Li

Download statistics

Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.

View more statistics

Atom RSS 1.0 RSS 2.0

Contact ePrints Soton: eprints@soton.ac.uk

ePrints Soton supports OAI 2.0 with a base URL of http://eprints.soton.ac.uk/cgi/oai2

This repository has been built using EPrints software, developed at the University of Southampton, but available to everyone to use.

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we will assume that you are happy to receive cookies on the University of Southampton website.

×