Article

Towards an immunity-based anomaly detection system for network traffic

Authors:

KES'06: Proceedings of the 10th international conference on Knowledge-Based Intelligent Information and Engineering Systems - Volume Part II

Pages 123 - 130

https://doi.org/10.1007/11893004_16

Published: 09 October 2006 Publication History

Publisher Site

Abstract

We have applied our previous immunity-based system to anomaly detection for network traffic, and confirmed that our system outperformed the single-profile method. For internal masquerader detection, the missed alarm rate was 11.21% with no false alarms. For worm detection, four random-scanning worms and the simulated metaserver worm were detected with no missed alarms and no false alarms, while a simulated passive worm was detected with a missed alarm rate of 80.57%.

References

[1]

Williamson, M.M.: Throttling viruses: restricting propagation to defeat malicious mobile code. In: ACSAC Security Conference 2002. (2002) 61-68.

Crossref

Google Scholar

[2]

Okamoto, T.: A worm filter based on the number of unacknowledged requests. In: KES 2005, LNAI 3682 (2005) 93-99.

Crossref

Google Scholar

[3]

Weaver, N., Paxson, V., Staniford, S., Cunningham, R.: A taxonomy of computer worms. In: The 2003 ACM Workshop on Rapid Malcode, ACM Press (2003) 11-18.

Crossref

Google Scholar

[4]

Okamoto, T., Watanabe, T., Ishida, Y.: Towards an immunity-based system for detecting masqueraders. In: KES 2003, LNAI 2774 (2003) 488-495.

Google Scholar

[5]

Okamoto, T., Watanabe, T., Ishida, Y.: Mechanism for generating immunity-based agents that detect masqueraders. In: KES 2004, LNAI 3214 (2004) 534-540.

Google Scholar

[6]

Okamoto, T., Watanabe, Y., Ishida, Y.: Test statistics for a masquerader detection system - a comparison between hidden markov model and other probabilistic models. Transactions of the ISCIE 16(2) (2003) 61-69.

Google Scholar

[7]

Schonlau, M., DuMouchel, W., Ju, W., Karr, A., Theus, M., Vardi, Y.: Computer intrusion: Detecting masquerades. Statistical Science 16(1) (2001) 58-74.

Google Scholar

Cited By

View all

Okamoto TIshida Y(2007)Framework of an immunity-based anomaly detection system for user behaviorProceedings of the 11th international conference, KES 2007 and XVII Italian workshop on neural networks conference on Knowledge-based intelligent information and engineering systems: Part III10.5555/1771230.1771344(821-829)Online publication date: 12-Sep-2007
https://dl.acm.org/doi/10.5555/1771230.1771344

Index Terms

Towards an immunity-based anomaly detection system for network traffic
1. Computing methodologies
  1. Modeling and simulation
    1. Model development and analysis
      1. Modeling methodologies

Index terms have been assigned to the content through auto-classification.

Recommendations

Towards an immunity-based anomaly detection system for network traffic

This paper proposes an immunity-based anomaly detection system for network traffic. The system is inspired by the specificity and diversity of the immune system; the system has a user-specific agent for every user, and diverse agents make a decision ...
Network Anomaly Detection Based on Traffic Prediction
SCALCOM-EMBEDDEDCOM '09: Proceedings of the 2009 International Conference on Scalable Computing and Communications; Eighth International Conference on Embedded Computing

As the development of Internet, it is more and more difficult to detect anomaly promptly and precisely. In this paper, we proposed an anomaly detection algorithm based on the predicting of multi-level wavelet detail signals synchronously. Firstly, ...
Network traffic analysis over clustering-based collective anomaly detection
Abstract
Due to the ever-growing presence of network traffic, there has been a considerable amount of research on anomaly detection in network traffic by clustering. Most of them have not considered the problem that collective anomaly detection ...

Comments

Information & Contributors

Information

Published In

KES'06: Proceedings of the 10th international conference on Knowledge-Based Intelligent Information and Engineering Systems - Volume Part II

October 2006

1335 pages

ISBN:3540465375

Editors:
Bogdan Gabrys
School of Design, Engineering and Computing, Bournemouth University, UK
,
Robert J. Howlett
Centre for SMART Systems, School of Environment and Technology, University of Brighton, Brighton, UK
,
Lakhmi C. Jain
School of Electrical and Information Engineering, Knowledge Based Intelligent Engineering Systems Centre, University of South Australia, Mawson Lakes, Australia

Publisher

Springer-Verlag

Berlin, Heidelberg

Publication History

Published: 09 October 2006

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

1
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 04 Oct 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Okamoto TIshida Y(2007)Framework of an immunity-based anomaly detection system for user behaviorProceedings of the 11th international conference, KES 2007 and XVII Italian workshop on neural networks conference on Knowledge-based intelligent information and engineering systems: Part III10.5555/1771230.1771344(821-829)Online publication date: 12-Sep-2007
https://dl.acm.org/doi/10.5555/1771230.1771344

Abstract

References

Cited By

Index Terms

Recommendations