Jungwon Kim
'Malicious Code Execution Detection and Response Immune System inspired by the Danger Theory'
Kim, Jungwon; Greensmith, Julie; Twycross, Jamie; Aickelin, Uwe
Authors
JULIE GREENSMITH julie.greensmith@nottingham.ac.uk
Lecturer
JAMIE TWYCROSS JAMIE.TWYCROSS@NOTTINGHAM.AC.UK
Associate Professor
Uwe Aickelin
Abstract
The analysis of system calls is one method employed by anomaly detection systems to recognise malicious code execution. Similarities can be drawn between this process and the behaviour of certain cells belonging to the human immune system, and can be applied to construct an artificial immune system. A recently developed hypothesis in immunology, the Danger Theory, states that our immune system responds to the presence of intruders through sensing molecules belonging to those invaders, plus signals generated by the host indicating danger and damage. We propose the incorporation of this concept into a responsive intrusion detection system, where behavioural information of the system and running processes is combined with information regarding individual system calls.
Citation
Kim, J., Greensmith, J., Twycross, J., & Aickelin, U. (2005). 'Malicious Code Execution Detection and Response Immune System inspired by the Danger Theory'.
Conference Name | Adaptive and Resilient Computing Security Workshop (ARCS-05) |
---|---|
Publication Date | Jan 1, 2005 |
Deposit Date | Oct 22, 2007 |
Publicly Available Date | Oct 22, 2007 |
Peer Reviewed | Peer Reviewed |
Public URL | https://nottingham-repository.worktribe.com/output/1020446 |
Files
05arcs_danger.pdf (80 Kb, PDF)