An immune inspired Network Intrusion Detection System utilising correlation
Network Intrusion Detection Systems (NIDS) are computer systems which monitor a network with the aim of discerning malicious from benign activity on that network. While a wide range of approaches have met varying levels of success, most IDSs rely on having access to a database of known attack signat...
| Main Authors: | , |
|---|---|
| Other Authors: | |
| Format: | Book Section |
| Published: |
Society for the Study of Artificial Intelligence and the Simulation of Behaviour
2006
|
| Online Access: | https://eprints.nottingham.ac.uk/995/ |
| _version_ | 1848790522493140992 |
|---|---|
| author | Tedesco, Gianni Aickelin, Uwe |
| author2 | Kovacs, Tim |
| author_facet | Kovacs, Tim Tedesco, Gianni Aickelin, Uwe |
| author_sort | Tedesco, Gianni |
| building | Nottingham Research Data Repository |
| collection | Online Access |
| description | Network Intrusion Detection Systems (NIDS) are computer systems which monitor a network with the aim of discerning malicious from benign activity on that network. While a wide range of approaches have met varying levels of success, most IDSs rely on having access to a database of known attack signatures which are written by security experts. Nowadays, in order to solve problems with false
positive alerts, correlation algorithms are used to add additional structure to sequences of IDS alerts. However, such techniques are of no help in discovering novel attacks or variations of known attacks, something the human immune system (HIS) is capable of doing in its own specialised domain. This paper presents a novel immune algorithm for application to the IDS problem. The goal is to discover
packets containing novel variations of attacks covered by an existing signature base. |
| first_indexed | 2025-11-14T18:13:57Z |
| format | Book Section |
| id | nottingham-995 |
| institution | University of Nottingham Malaysia Campus |
| institution_category | Local University |
| last_indexed | 2025-11-14T18:13:57Z |
| publishDate | 2006 |
| publisher | Society for the Study of Artificial Intelligence and the Simulation of Behaviour |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | nottingham-9952020-05-04T20:30:20Z https://eprints.nottingham.ac.uk/995/ An immune inspired Network Intrusion Detection System utilising correlation Tedesco, Gianni Aickelin, Uwe Network Intrusion Detection Systems (NIDS) are computer systems which monitor a network with the aim of discerning malicious from benign activity on that network. While a wide range of approaches have met varying levels of success, most IDSs rely on having access to a database of known attack signatures which are written by security experts. Nowadays, in order to solve problems with false positive alerts, correlation algorithms are used to add additional structure to sequences of IDS alerts. However, such techniques are of no help in discovering novel attacks or variations of known attacks, something the human immune system (HIS) is capable of doing in its own specialised domain. This paper presents a novel immune algorithm for application to the IDS problem. The goal is to discover packets containing novel variations of attacks covered by an existing signature base. Society for the Study of Artificial Intelligence and the Simulation of Behaviour Kovacs, Tim Marshall, James A.R. 2006 Book Section PeerReviewed Tedesco, Gianni and Aickelin, Uwe (2006) An immune inspired Network Intrusion Detection System utilising correlation. In: AISB '06: adaptation in artificial and biological systems. Society for the Study of Artificial Intelligence and the Simulation of Behaviour, Bristol, pp. 16-17. ISBN 1902956975 http://www.aisb.org.uk/publications/proceedings/aisb06/AISB06_vol1.pdf |
| spellingShingle | Tedesco, Gianni Aickelin, Uwe An immune inspired Network Intrusion Detection System utilising correlation |
| title | An immune inspired Network Intrusion Detection System utilising correlation |
| title_full | An immune inspired Network Intrusion Detection System utilising correlation |
| title_fullStr | An immune inspired Network Intrusion Detection System utilising correlation |
| title_full_unstemmed | An immune inspired Network Intrusion Detection System utilising correlation |
| title_short | An immune inspired Network Intrusion Detection System utilising correlation |
| title_sort | immune inspired network intrusion detection system utilising correlation |
| url | https://eprints.nottingham.ac.uk/995/ https://eprints.nottingham.ac.uk/995/ |