An Immune Inspired Approach to Anomaly Detection
The immune system provides a rich metaphor for computer security: anomaly detection that works in nature should work for machines. However, early artificial immune system approaches for computer security had only limited success. Arguably, this was due to these artificial systems being based on too...
| Main Authors: | , |
|---|---|
| Format: | Book Section |
| Published: |
IDEAS Publishing
2007
|
| Online Access: | https://eprints.nottingham.ac.uk/584/ |
| _version_ | 1848790436788830208 |
|---|---|
| author | Twycross, Jamie Aickelin, Uwe |
| author_facet | Twycross, Jamie Aickelin, Uwe |
| author_sort | Twycross, Jamie |
| building | Nottingham Research Data Repository |
| collection | Online Access |
| description | The immune system provides a rich metaphor for computer security: anomaly detection that works in nature should work for machines. However, early artificial immune system approaches for computer security had only limited success. Arguably, this was due to these artificial systems being based on too simplistic a view of the immune system. We present here a second generation artificial immune system for process anomaly detection. It improves on earlier systems by having different artificial cell types that process information. Following detailed information about how to build such second generation systems, we find that communication between cells types is key to performance. Through realistic testing and validation we show that second generation artificial immune systems are capable of anomaly detection beyond generic system policies. The paper concludes with a discussion and outline of the next steps in this exciting area of computer security. |
| first_indexed | 2025-11-14T18:12:35Z |
| format | Book Section |
| id | nottingham-584 |
| institution | University of Nottingham Malaysia Campus |
| institution_category | Local University |
| last_indexed | 2025-11-14T18:12:35Z |
| publishDate | 2007 |
| publisher | IDEAS Publishing |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | nottingham-5842020-05-04T20:29:14Z https://eprints.nottingham.ac.uk/584/ An Immune Inspired Approach to Anomaly Detection Twycross, Jamie Aickelin, Uwe The immune system provides a rich metaphor for computer security: anomaly detection that works in nature should work for machines. However, early artificial immune system approaches for computer security had only limited success. Arguably, this was due to these artificial systems being based on too simplistic a view of the immune system. We present here a second generation artificial immune system for process anomaly detection. It improves on earlier systems by having different artificial cell types that process information. Following detailed information about how to build such second generation systems, we find that communication between cells types is key to performance. Through realistic testing and validation we show that second generation artificial immune systems are capable of anomaly detection beyond generic system policies. The paper concludes with a discussion and outline of the next steps in this exciting area of computer security. IDEAS Publishing 2007 Book Section PeerReviewed Twycross, Jamie and Aickelin, Uwe (2007) An Immune Inspired Approach to Anomaly Detection. In: Handbook of Research on Information Assurance and Security. IDEAS Publishing. (In Press) |
| spellingShingle | Twycross, Jamie Aickelin, Uwe An Immune Inspired Approach to Anomaly Detection |
| title | An Immune Inspired Approach to Anomaly Detection |
| title_full | An Immune Inspired Approach to Anomaly Detection |
| title_fullStr | An Immune Inspired Approach to Anomaly Detection |
| title_full_unstemmed | An Immune Inspired Approach to Anomaly Detection |
| title_short | An Immune Inspired Approach to Anomaly Detection |
| title_sort | immune inspired approach to anomaly detection |
| url | https://eprints.nottingham.ac.uk/584/ |