Article ID | Journal | Published Year | Pages | File Type |
---|---|---|---|---|
450543 | Computer Communications | 2007 | 10 Pages |
Abstract
The paper presents an architecture of an anomaly detection system based on the paradigm of artificial immune systems (AISs). Incoming network traffic data are considered by the system as signatures of potential attackers by mapping them into antigens of AISs either using some parameters of network traffic or headers of selected TCP/IP protocols. A number of methods of generation of antibodies (anomaly detectors) were implemented. The way of anomaly detection depends on the method of antibodies generation. The paper presents results of an experimental study performed with use of real data and shows how the performance of the anomaly detection system depends on traffic data coding and methods of generation of detectors.
Related Topics
Physical Sciences and Engineering
Computer Science
Computer Networks and Communications
Authors
Franciszek Seredynski, Pascal Bouvry,