Artificial Immunity-based Intrusion Detection System Associate Prof. Fang Xian-jin Computer School of AUST.


1 Artificial Immunity-based Intrusion Detection System Associate Prof. Fang Xian-jin Computer School of AUST

2 Background
- With the development of computer and network technology, information security is becoming very significant.
- Solution: data encryption, authentication, authorization and access control, digital signature, firewall, intrusion detection system, VPN, anti-virus technology.

3 Background
- A firewall is the first line of security defense, but it can't prevent attacks from the intranet.
- An IDS can provide real-time detection and implement a defense strategy; its main purpose is to deal with internal attacks.

4 Intrusion Detection System
- What is the IDS?
- Input can be an OS log, network data packets, an application system log, a firewall log, etc.
- [Diagram: Input -> Intrusion Detection -> Normal / Anomalous]

5 Intrusion Detection System
- General study methodology in IDS
  - Misuse detection: a rule-based detection technology, namely, P-best. The related technology is the pattern matching algorithm.
  - Anomaly detection: an activity-based detection technology. First, a normal activity profile is created; then the deviation amplitude between the input activity and the normal activity profile is compared.
- The following methods are used to study IDS:
  - Statistical method [1]
  - Data mining method [2]
  - Artificial Immunity System [3]
  - Artificial neural network [4][5]
  - Fuzzy expert system [6]
  - All kinds of classification and clustering methods
- P-best: product-based expert system tool-kit
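The misuse/anomaly distinction on this slide, as an added example that is not part of the presentation: a rule-based matcher beside a profile-based detector, run on the same traces. The system-call traces, the signature list, the sliding-window profile (one common way to model normal activity), the window size and the threshold are all constructed assumptions.

```python
# Constructed sample data: system-call traces of "normal" activity (illustrative only).
NORMAL_TRACES = [
    ["open", "read", "mmap", "read", "close"],
    ["open", "mmap", "read", "close"],
    ["open", "read", "read", "close"],
]
# Constructed misuse rules: contiguous event patterns already known to be bad.
SIGNATURES = [("chmod", "execve"), ("setuid", "execve")]


def windows(trace, k):
    """All contiguous length-k windows of a trace (empty if the trace is shorter)."""
    return [tuple(trace[i:i + k]) for i in range(len(trace) - k + 1)]


def misuse_detect(trace, signatures=SIGNATURES):
    """Misuse detection: pattern-match the input against known-bad rules."""
    return [s for s in signatures if s in windows(trace, len(s))]


def build_profile(traces, k=3):
    """Anomaly detection, step 1: the normal profile is the set of windows seen."""
    return {w for t in traces for w in windows(t, k)}


def deviation(trace, profile, k=3):
    """Step 2: deviation = fraction of input windows absent from the profile."""
    ws = windows(trace, k)
    if not ws:
        return 0.0
    return sum(w not in profile for w in ws) / len(ws)


def anomaly_detect(trace, profile, k=3, threshold=0.2):
    """Flag the input when its deviation from the profile exceeds the threshold."""
    return deviation(trace, profile, k) > threshold


if __name__ == "__main__":
    profile = build_profile(NORMAL_TRACES)
    samples = {  # constructed inputs
        "normal": ["open", "read", "read", "close"],
        "known pattern": ["open", "read", "chmod", "execve", "close"],
        "unseen pattern": ["open", "read", "socket", "connect", "write", "close"],
    }
    for name, trace in samples.items():
        print(f"{name:15} misuse={misuse_detect(trace)} "
              f"deviation={deviation(trace, profile):.2f} "
              f"anomalous={anomaly_detect(trace, profile)}")
```

The third sample matches no rule, so only the profile comparison reports it; the price is that any legitimate behaviour missing from the training traces also raises the deviation.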

6 Natural immune system & computer security
Important properties of natural immune systems:
- Multilayered protection
- Highly distributed detector
- Effector
- Memory system
- Diversity of detection ability across individuals
- Inexact matching strategies
- Sensitivity to most new foreign patterns

7 To be continued!

8 References
[1]. Stephanie Forrest, Steven A. Hofmeyr, Anil Somayaji. A Sense of Self for Unix Processes.
[2]. Wenke Lee and Salvatore J. Stolfo. Data mining approaches for intrusion detection. In: Proceedings of the 7th USENIX Security Symposium, 1998.
[3]. Steven Andrew Hofmeyr. An Immunological Model of Distributed Detection and Its Application to Computer Security [D]. Department of Computer Science, University of New Mexico, Albuquerque, NM, 1999.
[4]. Anup K Ghosh, James Wanken, Frank Charron. Detecting anomalous and unknown intrusion against programs [C]. In: Proceedings of the 1998 Annual Computer Security Applications Conference (ACSAC'98), 1998.
[5]. Song Ge, Yan Qiao, Yu Jianping. Application of neural networks in anomaly detection [J]. Computer Engineering and Applications, 2002.18(146).
[6]. Li Zhitang, Yang Hongyun. Fuzzy intrusion detection model [J]. Computer Engineering & Science, p49, Vol 22, No 2, 2000.
[7]. Herve Debar, Monique Becker, Didier Siboni. A Neural Network Component for an Intrusion Detection System. IEEE Symposium on Security and Privacy. Oakland, California: IEEE Computer Society, 1992:256-266.
[8]. C.R. Gent, C.P. Sheppard. Predicting time series by a fully corrected neural network trained by back propagation [J]. Computing and Control Engineering Journal, 1992:12(5):123~127.
[9]. Anup K Ghosh, Aaron Schwartzbard, Michel Schatz, et al. Learning program behavior profile for intrusion detection and network monitoring. Santa Clara, CA: IEEE Computer Society, 1999:9~12.
[10]. Cannady. Artificial neural network for misuse detection [C]. In: Proceedings of the 1998 National Information System Security Conference (NISSC'98), Arlington, VA, 1998:443-456.

