CIFD: Computational Immunology for Fraud Detection


CIFD: Computational Immunology for Fraud Detection
Dr Richard Overill
Department of Computer Science & International Centre for Security Analysis, King’s College London

Computational Immunology for Fraud Detection
- DTI LINK project funded under Phase 1 of the Management of Information programme
- Application of adaptive, self-learning technologies with low overheads (CI) to fraud detection in the financial sector
- Partners (with King’s College London):
  - Anite Government Systems Ltd. (developer)
  - The Post Office (end user)

Natural Immune Systems
- are multi-layered (“defence in depth”)
- consist of several sub-systems:
  - innate immune system (scavenger cells which ingest debris and pathogens)
  - acquired immune system (white blood cells which co-operate to detect and eliminate pathogens / antigens)

Acquired Immune System
- Detector cells generated in bone marrow (B-cells), and in lymph system but matured in thymus gland (T-cells).
- Self-binding T-cell detectors destroyed by censoring (negative selection) in thymus.
- B- & remaining T-detectors released to bind to and destroy foreign (non-self) antigens.

Digital Immune Systems I
- Train with known normal behaviour (“self”).
- Generate database(s) of self-signatures.
- Generate a (random) initial population of detectors and screen it against database(s).
- Challenge the detectors with possibly anomalous behaviour (may contain some “foreign” activity).

Digital Immune Systems II
- An (approximate) match between a detector and an activity trace indicates a possible anomaly.
- React to (warn of) the possible anomaly.
- Evolve the population of detectors to reflect successful and consistently unsuccessful detectors (cloning / killing).

Digital Immune Systems III
Can be host-based or network-based:
- Host-based systems monitor behaviour or processes on servers or other network hosts.
- Network-based systems are of 2 types:
  - statistical traffic analysis using e.g. IP source & destination addresses and IP port / service.
  - promiscuous mode ‘sniffing’ of IP packets for anomalous behaviour.

Application to CIFD
- Build a database(s) of normal transactions and sequences of transactions.
- Look for anomalous and hence potentially fraudulent patterns of behaviour in actual transactions and transaction sequences, using the detector matching criteria.
- Adapt the detector population.
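The train / censor / challenge steps from the Digital Immune Systems I and II slides, applied to transaction encodings as in the CIFD slide, shown as an added example that is not code from the presentation or the CIFD project. The 8-bit encoding, the r-contiguous matching rule and the values of `L` and `R` are assumptions chosen for illustration; the slides do not specify the matching criteria.

```python
import random

L, R = 8, 4  # string length and r-contiguous match threshold (assumed values)

def matches(a, b, r=R):
    """r-contiguous rule: a and b agree in at least r adjacent positions."""
    run = 0
    for x, y in zip(a, b):
        run = run + 1 if x == y else 0
        if run >= r:
            return True
    return False

def generate_detectors(self_set, n_candidates, rng):
    """Draw random candidate detectors and censor any that bind to self."""
    picks = rng.sample(range(2 ** L), n_candidates)
    candidates = [format(p, f"0{L}b") for p in picks]
    return [c for c in candidates if not any(matches(c, s) for s in self_set)]

def is_anomalous(trace, detectors):
    """A trace is flagged when any surviving detector approximately matches it."""
    return any(matches(trace, d) for d in detectors)

# Constructed "self": 8-bit encodings standing in for normal transactions.
SELF = ["00010010", "00010110", "00110010"]
# Sampling the whole 2**L space keeps this demo deterministic; a realistic
# encoding is far wider, so only a fraction is sampled and coverage gaps remain.
DETECTORS = generate_detectors(SELF, 2 ** L, random.Random(0))

if __name__ == "__main__":
    for t in SELF + ["11101101"]:  # last entry is a constructed non-self trace
        print(t, "ANOMALY" if is_anomalous(t, DETECTORS) else "ok")
```

Because every detector that binds to a self string is discarded before use, no string in `SELF` can ever be flagged; detection of non-self traces depends on how much of the candidate space was sampled.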

Advantages of CI
- Redundancy: collective behaviour of many detectors should lead to emergent properties of robustness and fault tolerance - no centralised or hierarchical control, no SPoF.
- Memory of previous encounters can be built in, e.g. as long-lived successful detectors.
- Various adaptive learning strategies can be tried out, e.g. affinity maturation, niching.

Disadvantages of CI
Subject to compromise in similar ways to the human immune system, i.e.
- subversion via ‘auto-immune’ reaction (cf. rheumatoid arthritis) where the system is induced to misidentify “self” as “foreign”.
- subversion via ‘immune deficiency’ response (cf. HIV-AIDS) where the system’s response is suppressed - misidentifying “foreign” as “self”.
- subversion by concealing “foreign” behaviour in “self” disguise (“Wolf in sheep’s clothing” or T.H.)

Previous Applications of CI
Computational Immunology (aka Artificial Immune Systems, AIS, in the USA) has already been used successfully for:
- detecting the activity of computer viruses and other malicious software (IBM TJW Res Cen.)
- detecting attempted intrusions into computers and networks (New Mexico & Memphis Univs)

Thank you! Any Questions?
Contact:
Tel: 020 7848 2833
Fax: 020 7848 2913
Email: richard@dcs.kcl.ac.uk