http://dx.doi.org/10.5391/JKIIS.2004.14.1.075

Adaptive Intrusion Detection Algorithm based on Learning Algorithm  

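Sim, Kwee-Bo (School of Electrical and Electronics Engineering, Chung-Ang University)
Yang, Jae-Won (School of Electrical and Electronics Engineering, Chung-Ang University)
Lee, Dong-Wook (School of Electrical and Electronics Engineering, Chung-Ang University)
Seo, Dong-Il (Network Security Architecture Research Team, Electronics and Telecommunications Research Institute)
Choi, Yang-Seo (Network Security Architecture Research Team, Electronics and Telecommunications Research Institute)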
Publication Information
Journal of the Korean Institute of Intelligent Systems / v.14, no.1, 2004, pp. 75-81
Abstract
A signature-based intrusion detection system (IDS) stores rules for detecting intrusions in a library and judges whether new inputs are intrusions by matching them against those rules. However, this policy generally has two restrictions. First, when rules cannot be made against new intrusions, false negative (FN) errors may occur. Second, when a lot of rules are made to maintain diversity, the amount of resources required grows in proportion to the number of rules. In this paper, we propose a learning algorithm that uses a genetic algorithm to evolve the competence of anomaly detectors, which have the ability to detect anomalous attacks. The anomaly detectors form a population generated by following the negative selection procedure of the biological immune system. To show the effectiveness of the proposed system, we apply the learning algorithm to an artificial network environment, which is a computer security system.
Keywords
intrusion detection; negative selection; anomaly detector; genetic algorithm; learning;
Citations & Related Records
Times Cited By KSCI: 3