Uwe Aickelin
Danger theory: the link between AIS and IDS?
Aickelin, Uwe; Bentley, Peter; Cayzer, Steve; Kim, Jungwon; McLeod, Julie
Authors
Peter Bentley
Steve Cayzer
Jungwon Kim
Julie McLeod
Contributors
Jon Timmis
Editor
Peter Bentley
Editor
Emma Hart
Editor
Abstract
We present ideas about creating a next generation Intrusion Detection System (IDS) based on the latest immunological theories. The central challenge with computer security is determining the difference between normal and potentially
harmful activity. For half a century, developers have protected their systems by coding rules that identify and block specific events. However, the nature of current
and future threats in conjunction with ever larger IT systems urgently requires the development of automated and adaptive defensive tools. A promising solution is emerging in the form of Artificial Immune Systems (AIS): The Human Immune System (HIS) can detect and defend against harmful and previously unseen invaders, so can we not build a similar Intrusion Detection System (IDS) for our computers?
Presumably, those systems would then have the same beneficial properties as HIS like error tolerance, adaptation and self-monitoring. Current AIS have been successful on test systems, but the algorithms rely on self-nonself discrimination, as stipulated in classical immunology. However, immunologist are increasingly finding fault with traditional self-nonself thinking and a new ‘Danger Theory’ (DT) is emerging. This new theory suggests that the immune system reacts to threats based on the correlation of various (danger) signals and it provides a method of ‘grounding’ the immune response, i.e. linking it directly to the attacker. Little is currently understood of the precise nature and correlation of these signals and the theory is a topic of hot debate. It is the aim of this research to investigate this correlation and to translate the DT into the realms of computer security, thereby creating AIS that are no longer limited by self-nonself discrimination. It should be noted that we do not intend to defend this controversial theory per se, although as a deliverable this project will add to the body of knowledge in this area. Rather we are interested in its merits for scaling up AIS applications by overcoming self-nonself discrimination problems.
Citation
Aickelin, U., Bentley, P., Cayzer, S., Kim, J., & McLeod, J. (2003). Danger theory: the link between AIS and IDS?. In J. Timmis, P. Bentley, & E. Hart (Eds.), Artificial immune systems: second international conference, ICARIS 2003, Edinburgh, UK, September 1-3, 2003: proceedings. Springer. https://doi.org/10.1007/978-3-540-45192-1_15
| Publication Date | Jan 1, 2003 |
|---|---|
| Deposit Date | Feb 18, 2009 |
| Publicly Available Date | Feb 18, 2009 |
| Journal | Proceedings of the 2nd International Conference on Artificial Immune Systems (ICARIS2003), Edinburgh, UK |
| Peer Reviewed | Peer Reviewed |
| Book Title | Artificial immune systems: second international conference, ICARIS 2003, Edinburgh, UK, September 1-3, 2003: proceedings |
| ISBN | 3540407669 |
| DOI | https://doi.org/10.1007/978-3-540-45192-1_15 |
| Public URL | https://nottingham-repository.worktribe.com/output/1022104 |
| Publisher URL | http://www.sigmod.org/dblp/db/conf/icaris/icaris2003.html |
| Additional Information | The original publication is available at www.springerlink.com |
Files
aickelin2003b.pdf
(60 Kb)
PDF
Downloadable Citations
About Repository@Nottingham
Administrator e-mail: digital-library-support@nottingham.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2024
Advanced Search