Artificial Immune Detection for Network Intrusion Data Based on Quantitative Matching Method

Artificial immune detection can be used to detect network intrusions in an adaptive approach and proper matching methods can improve the accuracy of immune detection methods.This paper proposes an artificial immune detection model for network intrusion data based on a quantitative matching method.The proposed model defines the detection process by using network data and decimal values to express features and artificial immune mechanisms are simulated to define immune elements.Then,to improve the accuracy of similarity calculation,a quantitative matching method is proposed.The model uses mathematical methods to train and evolve immune elements,increasing the diversity of immune recognition and allowing for the successful detection of unknown intrusions.The proposed model’s objective is to accurately identify known intrusions and expand the identification of unknown intrusions through signature detection and immune detection,overcoming the disadvantages of traditional methods.The experiment results show that the proposed model can detect intrusions effectively.It has a detection rate of more than 99.6%on average and a false alarm rate of 0.0264%.It outperforms existing immune intrusion detection methods in terms of comprehensive detection performance.

Detection of Atrazine Residue in Food Samples by a Monoclonal Antibody-based Enzyme-linked Immunosorbent Assay

Atrazine（AT,2-chloro-4-ethylamino-6-isopropyl-amino-s-triazine）has been detected in ground water in several areas of the United States for many years,as well as in China,wherein the growth rate of its gross

A Novel Immune System Model and Its Application to Network Intrusion Detection

Based on analyzing the techniques and architecture of existing network Intrusion Detection System (IDS), and probing into the fundament of Immune System (IS), a novel immune model is presented and applied to network IDS, which is helpful to design an effective IDS. Besides, this paper suggests a scheme to represent the self profile of network. And an automated self profile extraction algorithm is provided to extract self profile from packets. The experimental results prove validity of the scheme and algorithm, which is the foundation of the immune model.

Immune Recognition Method Based on Analogy Reasoning in Intrusion Detection System

In this paper, we propose an analogy based immune recognition method that focuses on the implement of the clone selection process and the negative selection process by means of analogy similarity. This method is applied in an IDS （Intrusion Detection System） following several steps. Firstly, the initial abnormal behaviours sample set is optimized through the combining of the AIS （Artificial Immune System） and the genetic algorithm. Then, the abnormity probability algorithm is raised considering the two sides of abnormality and normality. Finally, an intrusion detection system model is established based on the above algorithms and models.

Nanoplatforms for Sepsis Management: Rapid Detection/Warning, Pathogen Elimination and Restoring Immune Homeostasis

Sepsis,a highly life-threatening organ dysfunction caused by uncontrollable immune responses to infection,is a leading contributor to mortality in intensive care units.Sepsis-related deaths have been reported to account for 19.7%of all global deaths.However,no effective and specific therapeutic for clinical sepsis management is available due to the complex pathogenesis.Concurrently eliminating infections and restoring immune homeostasis are regarded as the core strategies to manage sepsis.Sophisticated nanoplatforms guided by supramolecular and medicinal chemistry,targeting infection and/or imbalanced immune responses,have emerged as potent tools to combat sepsis by supporting more accurate diagnosis and precision treatment.Nanoplatforms can overcome the barriers faced by clinical strategies,including delayed diagnosis,drug resistance and incapacity to manage immune disorders.Here,we present a comprehensive review highlighting the pathogenetic characteristics of sepsis and future therapeutic concepts,summarizing the progress of these well-designed nanoplatforms in sepsis management and discussing the ongoing challenges and perspectives regarding future potential therapies.Based on these state-of-the-art studies,this review will advance multidisciplinary collaboration and drive clinical translation to remedy sepsis.

Smartphone Malware Detection Model Based on Artificial Immune System

In order to solve the problem that me traditional signature-based detection technology cannot effectively detect unknown malware, we propose in this study a smartphone malware detection model （SP-MDM） based on artificial immune system, in which static malware analysis and dynamic malware analysis techniques are combined, and antigens are generated by encoding the characteristics extracted from the malware. Based on negative selection algorithm, the mature detectors are generated. By introducing clonal selection algorithm, the detectors with higher affinity are selected to undergo a proliferation and somatic hyper-mutation process, so that more excellent detector offspring can be generated. Experimental result shows that the detection model has a higher detection rate for unknown smartphone malware, and better detection performance can be achieved by increasing the clone generation.

An Improved Artificial Immune System-Based Network Intrusion Detection by Using Rough Set

With theincreasing worldwide network attacks, intrusion detection (ID) hasbecome a popularresearch topic inlast decade.Several artificial intelligence techniques such as neural networks and fuzzy logichave been applied in ID. The results are varied. Theintrusion detection accuracy is themain focus for intrusion detection systems (IDS). Most research activities in the area aiming to improve the ID accuracy. In this paper, anartificial immune system (AIS) based network intrusion detection scheme is proposed. An optimized feature selection using Rough Set (RS) theory is defined. The complexity issue is addressed in the design of the algorithms. The scheme is tested on the widely used KDD CUP 99 dataset. The result shows that theproposed scheme outperforms other schemes in detection accuracy.

Anomaly Detection with Artificial Immune Network

Inspired by the immune network theory, an adaptive anomaly detection paradigm based on artificial immune network, referred as APAI, is proposed. The implementation of the paradigm includes： initially, the first is to create the initial antibody network; then, through the learning of each training antigen, the antibody network is evolved and updated by the optimal antibodies. Finally, anomaly detection process is accomplished by majority vote of the k nearest neighbor antibodies in the network. The experiments used the famous Sonar Benchmark dataset in our study, which is taken from the UCI machine learning database. The obtained detection accuracy of APAI was 97.7%, which was very promising with regard to the other classification applications in the literature for this problem. In addition to its nonlinear classification properties, APAI possesses biological immune network properties such as clonal selection, immune network, and immune memory, which can be applied to pattern recognition, classification, and etc.

Immune based computer virus detection approaches

The computer virus is considered one of the most horrifying threats to the security of computer systems worldwide.The rapid development of evasion techniques used in virus causes the signature based computer virus detection techniques to be ineffective.Many novel computer virus detection approaches have been proposed in the past to cope with the ineffectiveness,mainly classified into three categories: static,dynamic and heuristics techniques.As the natural similarities between the biological immune system(BIS),computer security system(CSS),and the artificial immune system(AIS) were all developed as a new prototype in the community of anti-virus research.The immune mechanisms in the BIS provide the opportunities to construct computer virus detection models that are robust and adaptive with the ability to detect unseen viruses.In this paper,a variety of classic computer virus detection approaches were introduced and reviewed based on the background knowledge of the computer virus history.Next,a variety of immune based computer virus detection approaches were also discussed in detail.Promising experimental results suggest that the immune based computer virus detection approaches were able to detect new variants and unseen viruses at lower false positive rates,which have paved a new way for the anti-virus research.

Intrusion detection based on rough set and artificial immune

In order to increase intrusion detection rate and decrease false positive detection rate,a novel intrusion detection algorithm based on rough set and artificial immune( RSAI-IDA) is proposed.Using artificial immune in intrusion detection,anomaly actions are detected adaptively,and with rough set,effective antibodies can be obtained. A scheme,in which antibodies are partly generated randomly and others are from the artificial immune algorithm,is applied to ensure the antibodies diversity. Finally,simulations of RSAI-IDA and comparisons with other algorithms are given. The experimental results illustrate that the novel algorithm achieves more effective performances on anomaly intrusion detection,where the algorithm's time complexity decreases,the true positive detection rate increases,and the false positive detection rate is decreased.

A Network Intrusion Detection Model Based on Immune Multi-Agent

A new network intrusion detection model based on immune multi-agent theory is established and the concept of multi-agents is advanced to realize the logical structure and running mechanism of immune multi-agent as well as multi-level and distributed detection mechanism against network intrusion, using the adaptability, diversity and memory properties of artificial immune algorithm and combing the robustness and distributed character of multi-agents system structure. The experiment results conclude that this system is working pretty well in network security detection.

Combining Artificial Immune System and Clustering Analysis: A Stock Market Anomaly Detection Model

Artificial intelligence research in the stock market sector has been heavily geared towards stock price prediction rather than stock price manipulation. As online trading systems have increased the amount of high volume and re-al-time data transactions, the stock market has increased vulnerability to at-tacks. This paper aims to detect these attacks based on normal trade behavior using an Artificial Immune System (AIS) approach combined with one of four clustering algorithms. The AIS approach is inspired by its proven ability to handle time-series data and its ability to detect abnormal behavior while only being trained on regular trade behavior. These two main points are essential as the models need to adapt over time to adjust to normal trade behavior as it evolves, and due to confidentiality and data restrictions, real-world manipula-tions are not available for training. This paper discovers a competitive alterna-tive to the leading approach and investigates the effects of combining AIS with clustering algorithms;Kernel Density Estimation, Self-Organized Maps, Densi-ty-Based Spatial Clustering of Applications with Noise and Spectral clustering. The best performing solution achieves leading performance using common clustering metrics, including Area Under the Curve, False Alarm Rate, False Negative Rate, and Computation Time.

Unsupervised Anomaly Detection for Network Flow Using Immune Network Based K-means Clustering

To detect effectively unknown anomalous attack behaviors of network traffic,an Unsupervised Anomaly Detection approach for network flow using Immune Network based K-means clustering(UADINK)is proposed.In UADINK,artificial immune network based K-means clustering algorithm(aiNet_KMC)is introduced to cluster network flow,i.e.extracting abstract internal images from network flows and obtaining an optimizing parameter K of K-means by aiNet model,and network flows are clustered by K-means algorithm.The cluster labeling algorithm(clusLA)and the network flow anomaly detection algorithm(NFAD)are introduced to detect anomalous attack behaviors of network flows,where the clusLA algorithm is used for labeling whether each cluster belongs to malicious,and the labeled clusters are regarded as detectors to identify anomaly network flows by NFAD.To evaluate the effectiveness of UADINK,the ISCX 2012 IDS dataset is considered as the simulating experimental dataset.Compared with the NDM based K-means anomaly detection approach,the results show that UADINK is a radical anomaly detection approach in order to detect anomalies of network flows.

Towards an Artificial Immune System for Detecting Anomalies in Wireless Mesh Networks

This paper focuses on investigating immunological principles in designing a multi-agent security architecture for intrusion detection and response in wireless mesh networks.In this approach,the immunity-based agents monitor the situation in the network.These agents can take appropriate actions according to the underlying security policies.Specifically,their activities are coordinated in a hierarchical fashion while sensing,communicating,determining and generating responses.Such an agent can learn about and adapt to its environment dynamically and can detect both known and unknown intrusions.The proposed intrusion detection architecture is designed to be flexible,extendible,and adaptable so that it can perform real-time monitoring.This paper provides the conceptual view and a general framework of the proposed system.In the end,the architecture is illustrated by an example and by simulation to show it can prevent attacks efficiently.

Immune Based Intrusion Detector Generating Algorithm

Immune-based intrusion detection approaches are studied. The methods ofconstructing self set and generating mature detectors are researched and improved. A binary encodingbased self set construction method is applied. First, the traditional mature detector generatingalgorithm is improved to generate mature detectors and detect intrusions faster. Then, a novelmature detector generating algorithm is proposed based on the negative selection mechanism.According to the algorithm, less mature detectors are needed to detect the abnormal activities inthe network. Therefore, the speed of generating mature detecotrs and intrusion detection isimproved. By comparing with those based on existing algorithms, the intrusion detection system basedon the algorithm has higher speed and accuracy.

Immunity Based Worm Detection System

Current worm detection methods are unable to detect multi-vector polymorphic worms effectively. Based on negative selection mechanism of the immune system, a local network worm detection system that detects worms was proposed. Normal network service requests were represented by self-strings, and the detection system used self-strings to monitor the network for anomaly. According to the properties of worm propagation, a control center correlated the anomalies detected in the form of binary trees to ensure the accuracy of worm detection. Experiments show the system to be effective in detecting the traditional as well as multi-vector polymorphic worms.

Clone Selection Algorithm with Niching Strategy for Computer Immune System

A clone selection algorithm for computer immune system is presented. Clone selection principles in biological immune system are applied to the domain of computer virus detection. Based on the negative selection algorithm proposed by Stephanie Forrest, combining mutation operator in genetic algorithms and niching strategy in biology is adopted, the number of detectors is decreased effectively and the ability on self-nonself discrimination is improved. Simulation experiment shows that the algorithm is simple, practical and is adapted to the discrimination for long files.

Multi-Agent Network Intrusion Active Defense Model Based on Immune Theory

Inspired by the immune theory and multi-agent systems, an immune multi-agent active defense model for network intrusion is established. The concept of immune agent is introduced, and its running mechanism is established. The method, which uses antibody concentration to quantitatively describe the degree of intrusion danger, is presented. This model implements the multi-layer and distributed active defense mechanism for network intrusion. The experiment results show that this model is a good solution to the network security defense.