Authors
Advisor(s)
Abstract(s)
Computer networks are highly dynamic environments in which the meaning of normal and anomalous behaviours can drift considerably throughout time. Behaviour-based Network Intrusion Detection System (NIDS) have thus to cope with the temporal normality drift intrinsic on computer networks, by tuning adaptively its level of response, in order to be able to distinguish harmful from harmless network traffic flows. In this paper we put forward the intrinsic Tunable Activation Threshold (TAT) theory ability to adaptively tolerate normal drifting network traffic flows. This is embodied on the TAT-NIDS, a TAT-based Artificial Immune System (AIS) we have developed for network intrusion detection. We describe the generic AIS framework we have developed to assemble TAT-NIDS and present the results obtained thus far on processing real network traffic data sets. We also compare the performance obtained by TAT-NIDS with the well known and widely deployed signature-based snort network intrusion detection system.
Description
Keywords
Artificial Immune System Tunable Activation Threshold Network Intrusion Detection Anomaly Detection
Pedagogical Context
Citation
ntunes, M., Correia, M.E. (2011). Tunable Immune Detectors for Behaviour-Based Network Intrusion Detection. In: Liò, P., Nicosia, G., Stibor, T. (eds) Artificial Immune Systems. ICARIS 2011. Lecture Notes in Computer Science, vol 6825. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22371-6_29
Publisher
Springer Berlin Heidelberg