Vojnotehnički Glasnik (Oct 2020)
Intrusion detection based on the artificial immune system
Abstract
Introduction/purpose: The artificial immune system is a computational model inspired by the biological or human immune system. Of particular interest in artificial immune systems is the way the human body reacts to new pathogens and adapts to remain immune for a long period after a disease has been combated, which refers to the recognition of known malicious attacks and the way the immune system identifies self-cells not to be reacted to, which refers to the anomaly detection. Methods: Negative selection, positive selection, clonal selection, immune networks, danger theory, and dendritic cell algorithm are presented. Results: A variety of algorithms and models related to artificial immune systems and two classification principles are presented; one based on the detection of a particular attack and the other based on anomaly detection. Conclusion: Artificial immune systems are often used in intrusion detection since they are accurate and fast. Experiments show that the models can be used in both known attack and anomaly detection. Eager machine learning classifiers show better results in the decision, which is an advantage if runtime is not a significant parameter. Dendritic cell and negative selection algorithms show better results for real-time detection.
Keywords
