A Cooperative AIS Framework for Intrusion Detection


We present a cooperative intrusion detection approach inspired by biological immune system principles and P2P communication techniques to develop a distributed anomaly detection scheme. We utilize dynamic collaboration between individual artificial immune system (AIS) agents to address the well-known false positive problem in anomaly detection. The AIS agents use a set of detectors obtained through negative selection during a training phase and exchange status information and detectors on a periodical and event-driven basis, respectively. This cooperation scheme follows peer-to-peer communication principles in order to avoid a single point of failure and increase the robustness of the system.We illustrate our approach by means of two specific example scenarios in a novel network security simulator.

author = {Katja Luther and Rainer Bye and Tansu Alpcan and Sahin Albayrak and Achim Müller},
title = {{A Cooperative Approach for Intrusion Detection}},
booktitle = {IEEE International Conference on Communications (ICC 2007)},
year = {2007},
publisher = {IEEE}
Katja Luther, Rainer Bye, Tansu Alpcan, Sahin Albayrak, Achim Müller
IEEE International Conference on Communications (ICC 2007)