Presentation is loading. Please wait.

Presentation is loading. Please wait.

Immune-inspired Network Intrusion Detection System (i-NIDS) 1 Next Generation Intelligent Networks Research Center National University of Computer & Emerging.

Published byAndrew Dean Modified over 8 years ago

Similar presentations

Presentation on theme: "Immune-inspired Network Intrusion Detection System (i-NIDS) 1 Next Generation Intelligent Networks Research Center National University of Computer & Emerging."— Presentation transcript:

1 Immune-inspired Network Intrusion Detection System (i-NIDS) 1 Next Generation Intelligent Networks Research Center National University of Computer & Emerging Sciences Islamabad, Pakistan http://www.nexginrc.org M. Zubair Shafiq 1, Syed Ali Khayam 2, Muddassar Farooq 1 GECCO HUMIES - 2008 2 School of Electrical Engineering & Computer Sciences National University of Sciences & Technology Rawalpindi, Pakistan http://wisnet.niit.edu.pk

2 2 Introduction Simple Human competitive Human^ machine competitive

3 3 Unfortunately, most computer viruses are not so courteous!

4 4 Threat numbers show the story of what’s happening?

5 5 Signature matching!Size of signature database cannot scale!Inability to detect zero-day (novel) attacks! These are Commercial Software…

6 6 Motivation for current work A self-healing, self-defending and living artificial immune system Proactive defense against zero-day attacks Mapping concepts from A-life and evolution

7 7 Network Traffic Stream Intelligent Statistical Features 1.Memory of Markov Chain 2.Multi resolution session rate 3.Entropy of IP address 4.Divergence of port distribution Immune inspired Network Intrusion Detection System Alarm Output Adaptive Immune System/ Innate Immune System 1.Negative Selection 2.Dendritic Cell Algorithm

8 8 Human^ machine Competitive Results DetectorTP rate (%)FP rate (%) [Classical Bio-inspired Detector] Naïve RVNS 53.57.9 [Classical Bio-inspired Detector] Naïve DCA 61.65.8 [State-of-the-art Statistical Detector] Rate Limiting 84.41.4 [State-of-the-art Statistical Detector] Maximum Entropy 83.14.2 [Immune inspired NIDS] i-RVNS 94.90.2 [Immune inspired NIDS] i-DCA 94.60.1

9 9 Engineered System Complete version will be ready in 1 year time; free download Patent pending US$200,000 grant to develop the final product from the National ICT R&D fund, Government of Pakistan

10 10 Why the best? In a nutshell… 1. Hard problem in hard domain; impossible for a human to solve 2. Evolved system better than human developed, commercial anti- virus software 3. Evolved system better than state-of-the-art statistical malware detectors 4. Hybrid of statistical-immune detectors; best of both worlds5. Engineered product; open-source initiative

11 11 Publications A Comparative Study of Fuzzy Inference Systems, Neural Networks and Adaptive Neuro Fuzzy Inference Systems for Portscan Detection M. Zubair Shafiq, Muddassar Farooq and Syed Ali Khayam In M. Giacobini et al.(Eds.), Proceedings of Applications of Evolutionary Computing, EvoWorkshops 2007 (EuroGP-EvoCoMnet), Volume 4974 of Lecture Notes in Computer Science, pp. 48–57, Springer Verlag, Napoli, Italy, March,2008. (BEST PAPER NOMINATION) Improving the Accuracy of Immune-inspired Malware Detectors by using Intelligent Features M. Zubair Shafiq, Syed Ali Khayam and Muddassar Farooq In Genetic and Evolutionary Conference (GECCO), July, 2008, Atlanta, USA.

12 12

Download ppt "Immune-inspired Network Intrusion Detection System (i-NIDS) 1 Next Generation Intelligent Networks Research Center National University of Computer & Emerging."

Similar presentations

V-Detector: A Negative Selection Algorithm Zhou Ji, advised by Prof. Dasgupta Computer Science Research Day The University of Memphis March 25, 2005.

V-Detector: A Negative Selection Algorithm Zhou Ji, advised by Prof. Dasgupta Computer Science Research Day The University of Memphis March 25, 2005.
CIFD: Computational Immunology for Fraud Detection

CIFD: Computational Immunology for Fraud Detection
Scalable Parallel Intrusion Detection Fahad Zafar Advising Faculty: Dr. John Dorband and Dr. Yaacov Yeesha 1 University of Maryland Baltimore County.

Scalable Parallel Intrusion Detection Fahad Zafar Advising Faculty: Dr. John Dorband and Dr. Yaacov Yeesha 1 University of Maryland Baltimore County.
School of Cybernetics, School of Systems Engineering, University of Reading Presentation Skills Workshop March 22, ‘11 Diagnosis of Breast Cancer by Modular.

School of Cybernetics, School of Systems Engineering, University of Reading Presentation Skills Workshop March 22, ‘11 Diagnosis of Breast Cancer by Modular.
4 Intelligent Systems.

4 Intelligent Systems.
SIDD: A Framework for Detecting Sensitive Data Exfiltration by an Insider Attack 42 nd Hawaii International Conference on System Sciences, 2009. Electrical.

SIDD: A Framework for Detecting Sensitive Data Exfiltration by an Insider Attack 42 nd Hawaii International Conference on System Sciences, Electrical.
1 Evolvable Malware Sadia Noreen, Sahafq Murtaza, M. Zubair Shafiq, Muddassar Farooq National University of Computer and Emerging Sciences (FAST-NUCES)

1 Evolvable Malware Sadia Noreen, Sahafq Murtaza, M. Zubair Shafiq, Muddassar Farooq National University of Computer and Emerging Sciences (FAST-NUCES)
Anomaly Detection in Data Docent Xiao-Zhi Gao

Anomaly Detection in Data Docent Xiao-Zhi Gao
Anomaly Based Intrusion Detection System

Anomaly Based Intrusion Detection System
NEW TIES year 2 review NEW TIES = New and Emergent World models Through Individual, Evolutionary and Social learning.

NEW TIES year 2 review NEW TIES = New and Emergent World models Through Individual, Evolutionary and Social learning.
Snort - an network intrusion prevention and detection system Student: Yue Jiang Professor: Dr. Bojan Cukic CS665 class presentation.

Snort - an network intrusion prevention and detection system Student: Yue Jiang Professor: Dr. Bojan Cukic CS665 class presentation.
5/1/2006Sireesha/IDS1 Intrusion Detection Systems (A preliminary study) Sireesha Dasaraju CS526 - Advanced Internet Systems UCCS.

5/1/2006Sireesha/IDS1 Intrusion Detection Systems (A preliminary study) Sireesha Dasaraju CS526 - Advanced Internet Systems UCCS.
Evolving Neural Networks in Classification Sunghwan Sohn.

Evolving Neural Networks in Classification Sunghwan Sohn.
Learning Classifier Systems to Intrusion Detection Monu Bambroo 12/01/03.

Learning Classifier Systems to Intrusion Detection Monu Bambroo 12/01/03.
CS 1 – Introduction to Computer Science Introduction to the wonderful world of Dr. T Dr. Daniel Tauritz.

CS 1 – Introduction to Computer Science Introduction to the wonderful world of Dr. T Dr. Daniel Tauritz.
Genetic Algorithms Learning Machines for knowledge discovery.

Genetic Algorithms Learning Machines for knowledge discovery.
Marakas: Decision Support Systems, 2nd Edition © 2003, Prentice-Hall Chapter 7 - 1 Chapter 7: Expert Systems and Artificial Intelligence Decision Support.

Marakas: Decision Support Systems, 2nd Edition © 2003, Prentice-Hall Chapter Chapter 7: Expert Systems and Artificial Intelligence Decision Support.
Strategic Directions in Real- Time & Embedded Systems Aatash Patel 18 th September, 2001.

Strategic Directions in Real- Time & Embedded Systems Aatash Patel 18 th September, 2001.
CS 1 – Introduction to Computer Science Introduction to the wonderful world of Dr. T Dr. Daniel Tauritz.

CS 1 – Introduction to Computer Science Introduction to the wonderful world of Dr. T Dr. Daniel Tauritz.
INTRODUCTION TO COMPUTATIONAL INTELLIGENCE, Nanjing University Spring 2014 INTRODUCTION TO COMPUTATIONAL INTELLIGENCE Lin Shang Dept. of Computer Science.

INTRODUCTION TO COMPUTATIONAL INTELLIGENCE, Nanjing University Spring 2014 INTRODUCTION TO COMPUTATIONAL INTELLIGENCE Lin Shang Dept. of Computer Science.

Similar presentations

Ads by Google