Dynamically Real-time Anomaly Detection Algorithm with Immune Negative Selection

PP: 1157-1163

Author(s)

Lingxi Peng, Wenbin Chen, Dongqing Xie, Ying Gao, Chunlin Liang

Abstract

Network anomaly detection has become a promising aspect of intrusion detection. Existing anomaly detection models
describe their detection profiles statically, so they lack good adaptability and interoperability. Furthermore, their detection rate is
low, so they are difficult to deploy for real-time detection in high-speed network environments. In this paper, we draw on the excellent
self-learning and adaptive mechanisms of the human immune system and propose a dynamic anomaly detection algorithm with
immune negative selection, named DADAI. The concepts and formal definitions of antigen, antibody, and memory cell
in the network security domain are given; the dynamic clonal principle of antibodies is integrated; the mechanism of immune vaccination
is discussed; and dynamic evolution formulations of the detection profiles are established (including the detection profiles' dynamic
generation and extinction, dynamic learning, dynamic transformation, and dynamic self-organization), so that the
detection profiles synchronize dynamically with the real network environment. Both our theoretical analysis and experimental results
show that DADAI is a good solution to network anomaly detection, increasing the veracity and timeliness of anomaly
detection.