Enhanced AIS Based Intrusion Detection System Using Natural Killer Cells

Keywords: Intrusion, IDS, AIS, anomaly detection, natural killer cells

Abstract

Intrusion detection system is used to monitor the system and network activities to identify anomalies and attacks so that integrity, availability, and confidentiality can be preserved. Here an intrusion detection system based on Artificial Immune System is proposed based on Natural Killer (NK) cells with immunological memory. NK cells are created and each NK cells detection radius is determined using the negative selection algorithm and is trained to detect various attacks. Effective cells with high fairness values are proliferated and distributed to the network using clonal selection algorithm. In this paper, two types of NK cell are used-a Heavyweight NK cell (HWNK) and a number of Lightweight NK cells (LWNK). The incoming data is vectorized and Major Histocompatibility Complex Class I (MHC1) is created. Then based on this MHC1, any of the receptors i.e. Activating Receptor or Inhibiting Receptor is activated. If it is the signature of an attack, Activating Receptor is activated. Activating receptor activation results in either cytokine release or apoptosis. Here cytokine release means an alarm is generated informing the administrator and apoptosis stands for dropping of the packet. If Inhibiting Receptor is activated, it’s a normal packet there is no action taken. The technique proposed yields high accuracy, better detection rate and quick response time.

Downloads

Download data is not yet available.

Author Biographies

B. J. Bejoy, Department of CSE, Christ (Deemed to be University), India

B. J. Bejoy is currently working as an Assistant Professor in the Department of Computer Science and Engineering at CHRIST (Deemed to be University) Bangalore. He completed his Ph.D in Banking Technology (An interdisciplinary in CSE and Banking) in thesis titled “Co-operative framework for distributed intrusion detection using Artificial Immune System” from Pondicherry University in 2019. He completed his ME in Computer Science and Engineering and BTech in Information Technology from Anna University Chennai in 2008 and 2006 respectively. He is a Life Member of ISTE. He has thirteen years of teaching and research experience. His current research areas include Artificial Immune System, Intrusion Detection System, Wireless Sensor Networks, Hardware Trojans Detection, Big Data Analytics and Software Defined Networking.

S. Janakiraman, Department of Banking Technology, Pondicherry University, India

S. Janakiraman received his Ph.D. (Computer Science and Engineering) degree from the Faculty of Information and Communication Engineering, Anna University, Chennai, Tamilnadu, India in the year 2010. He has obtained both of his Post Graduate degree, M.E. (Computer Science and Engineering) and Graduate degree B.E., (Electrical and Electronics Engineering) from Madurai Kamaraj University, Madurai, Tamilnadu, India. He is currently serving as Assistant Professor, Department of Banking Technology at Pondicherry University, Pondicherry. He has nineteen years of teaching and research experience. He is a Life Member of ISTE, Institution of Engineers (India). He is a reviewer for reputed journals publications which includes IEEE, IET, Elsevier publications. He is serving as a programme committee member and advisory committee member in international/national conferences like IEEE, Springer conferences. His area of research interest is Machine Learning and pattern recognition, Big Data Analytics, Banking Technology, Computer Networks, Security, and Image Processing. He has published more than 36 papers in international journals and presented 44 papers in international and national conferences.

References

Denning, Dorothy, E.: An Intrusion Detection Model, Proceedings of the Seventh IEEE Symposium on Security and Privacy, May 1986. Author, Article title, Journal, Volume, page numbers (year)

Forrest, S., Hofmeyr, S.A., Somayaji, A.: Computer immunology. Commun. ACM. 40, 8896 (1997).

Forrest, S., Perelson, A.S., Allen, L., Cherukuri, R.: Self nonself discrimination in a computer. Proc. 1994 IEEE Comput. Soc. Symp. Res. Secur. Priv. 202212 (1994).

Yang, J., Liu, X., Li, T., Liang, G., Liu, S.: Distributed agents model for intrusion detection based on AIS. Knowledge-Based Syst. 22, 115119 (2009).

Bejoy B J, Bijeesh TV, S Janakiraman: Artificial immune system based frameworks and its application in cyber immune system: a comprehensive review. JCR. 2020; 7(2): 552–560. doi:10.31838/jcr.07.02.103,

Matzinger, P: The danger model: A renewed sense of self. Science, 296(5566), 301–305 (2002).

Greensmith, J., Aickelin, U., Cayzer, S.: Introducing dendritic cells as a novel Immune-Inspired algorithm for anomaly detection. Lecture Notes in Computer Science, 3627. Berlin, Heidelberg: Springer (2005).

Burnet, F.M.: The clonal selection theory of acquired immunity. Vanderbilt University Press (1959).

De Castro, L.N., Von Zuben, F.J.: Learning and optimization using the clonal selection principle. IEEE Trans. Evol. Comput. 6, 239251 (2002).

Jerne, N.K.: Towards a network theory of the immune system. Ann. Immunol. (Inst. Pasteur), 125C, 373389 (1974).

Luther, K., Bye, R., Alpcan, T., Mller, A., Albayrak, A cooperative AIS framework for intrusion detection. IEEE Int. Conf. Commun. 14091416 (2007).

Yu, S., Dasgupta, D.: Conserved Self Pattern Recognition Algorithm,7th International Conference on Artificial Immune Systems, Phuket, Thailand (2008).

Afzali Seresht, N., Azmi, R.: MAIS-IDS: A distributed intrusion detection system using multi-agent AIS approach. Eng. Appl. Artif. Intell. 35, 286298 (2014).

Hu, X., Liu, X., Li, T., Yang, T., Chen, W., Liu, Z.: Dynamically real-time intrusion detection algorithm with immune network. J. Comput. Inf. Syst. 11, 587594 (2015).

Ou, C.M.: Host-based intrusion detection systems adapted from agent-based artificial immune systems. Neurocomputing. 88, 7886 (2012).

Yang, J., Liu, X., Li, T., Liang, G., Liu, S.: Distributed agents model for intrusion detection based on AIS. Knowledge-Based Syst. 22, 115119 (2009).

Zhang, P., Tan, Y.: Immune cooperation mechanism based learning framework. Neurocomputing. 148, 158166 (2015).

Fu, J., Yang, H., Liang, Y., Tan, C.: Bait a trap: Introducing natural killer cells to artificial immune system for spyware detection. Lect. Notes Comput. Sci. (including Subser. Lect. Notes Artif. Intell. Lect. Notes Bioinformatics). 7597 LNCS, 125138 (2012).

Sobh, T.S., Mostafa, W.M.: A cooperative immunological approach for detecting network anomaly. Appl. Soft Comput. J. 11, 12751283 (2011).

Laurentys, C.A., Ronacher, G., Palhares, R.M., Caminhas, W.M.: Design of an Artificial Immune System for fault detection: A Negative Selection Approach. Expert Syst. Appl. 37, 55075513 (2010).

Janakiraman, S., Vasudevan, V.: Agent-Based DIDS: A Intelligent Learning Approach. International Journal of Intelligent Information Processing, Serials Publications (2009).

http://nsl.cs.unb.ca/NSL-KDD

M. Tavallaee, E. Bagheri, W. Lu, and A. Ghorbani,: A Detailed Analysis of the KDD CUP 99 Data Set, Second IEEE Symposium on Computational Intelligence for Security and Defense Applications (CISDA), (2009).

https://www.unb.ca/cic/datasets/ids-2017.html

Published
2021-02-09
Section
Articles