GEP-based framework for immune- inspired intrusion detection

Wan Tang, Limei Peng, Ximin Yang, Xia Xie, Yang Cao

Research output: Contribution to journalArticlepeer-review

3 Scopus citations

Abstract

Immune-inspired intrusion detection is a promising technology for network security, and well known for its diversity, adaptation, self-tolerance, etc. However, scalability and coverage are two major drawbacks of the immune-inspired intrusion detection systems (IIDSes). In this paper, we propose an IIDS framework, named GEP-IIDS, with improved basic system elements to address these two problems. First, an additional bio-inspired technique, gene expression programming (GEP), is introduced in detector (corresponding to detection rules) representation. In addition, inspired by the avidity model of immunology, new avidity/affinity functions taking the priority of attributes into account are given. Based on the above two improved elements, we also propose a novel immune algorithm that is capable of integrating two bio-inspired mechanisms (i.e., negative selection and positive selection) by using a balance factor. Finally, a pruning algorithm is given to reduce redundant detectors that consume footprint and detection time but do not contribute to improving performance. Our experimental results show the feasibility and effectiveness of our solution to handle the scalability and coverage problems of IIDS.

Original languageEnglish
Pages (from-to)1273-1293
Number of pages21
JournalKSII Transactions on Internet and Information Systems
Volume4
Issue number6
DOIs
StatePublished - Dec 2010

Keywords

  • Artificial immune system
  • Gene expression programming
  • Network intrusion detection

Fingerprint

Dive into the research topics of 'GEP-based framework for immune- inspired intrusion detection'. Together they form a unique fingerprint.

Cite this