GEP-based Framework for Immune-Inspired Intrusion Detection
Immune-inspired intrusion detection is a promising technology for network security, and well known for its diversity, adaptation, self-tolerance, etc. However, scalability and coverage are two major drawbacks of the immune-inspired intrusion detection systems (IIDSes). In this paper, we propose an IIDS framework, named GEP-IIDS, with improved basic system elements to address these two problems. First, an additional bio-inspired technique, gene expression programming (GEP), is introduced in detector (corresponding to detection rules) representation. In addition, inspired by the avidity model of immunology, new avidity/affinity functions taking the priority of attributes into account are given. Based on the above two improved elements, we also propose a novel immune algorithm that is capable of integrating two bio-inspired mechanisms (i.e., negative selection and positive selection) by using a balance factor. Finally, a pruning algorithm is given to reduce redundant detectors that consume footprint and detection time but do not contribute to improving performance. Our experimental results show the feasibility and effectiveness of our solution to handle the scalability and coverage problems of IIDS.
- Publisher
- KSII-KOR SOC INTERNET INFORMATION
- Issue Date
- 2010-12
- Language
- English
- Article Type
- Article
- Keywords
NEGATIVE SELECTION; ATTACKS; SYSTEM
- Citation
KSII TRANSACTIONS ON INTERNET AND INFORMATION SYSTEMS, v.4, no.6, pp.1273 - 1293
- ISSN
- 1976-7277
- Appears in Collection
- RIMS Journal Papers
- Files in This Item
- There are no files associated with this item.
This item is cited by other documents in WoS
| ⊙ Detail Information in WoSⓡ | Click to see |  |
| ⊙ Cited 2 items in WoS | Click to see citing articles in |  |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.