An immunology-inspired multi-engine anomaly detection system with hybrid particle swarm optimisations

Jiang, F; Ling, SH; Chan, KY; Chaczko, Z; Leung, FHF; Frater, MR

An immunology-inspired multi-engine anomaly detection system with hybrid particle swarm optimisations

Jiang, F Ling, SH

Chan, KY Chaczko, Z

Leung, FHF Frater, MR

Permalink

Publication Type:: Conference Proceeding
Citation:: IEEE International Conference on Fuzzy Systems, 2012
Issue Date:: 2012-10-23

Closed Access

	Filename	Description	Size
	06251241.pdf	Published version	1.08 MB	Adobe PDF	View/Open

Copyright Clearance Process

Recently Added
In Progress
Closed Access

This item is closed access and not available.

Full metadata record

Field	Value	Language
dc.contributor.author	Jiang, F	en_US
dc.contributor.author	Ling, SH https://orcid.org/0000-0003-0849-5098	en_US
dc.contributor.author	Chan, KY	en_US
dc.contributor.author	Chaczko, Z https://orcid.org/0000-0002-2816-7510	en_US
dc.contributor.author	Leung, FHF	en_US
dc.contributor.author	Frater, MR	en_US
dc.date.issued	2012-10-23	en_US
dc.identifier.citation	IEEE International Conference on Fuzzy Systems, 2012	en_US
dc.identifier.isbn	9781467315067	en_US
dc.identifier.issn	1098-7584	en_US
dc.identifier.uri	http://hdl.handle.net/10453/121651
dc.description.abstract	In this paper, multiple detection engines with multi-layered intrusion detection mechanisms are proposed for enhancing computer security. The principle is to coordinate the results from each single-engine intrusion alert system, which seamlessly integrates with a multiple layered distributed service-oriented structure. An improved hidden Markov model (HMM) is created for the detection engine which is capable of the immunology-based self/nonself discrimination. The classifications of normal and abnormal behaviours of system calls are further examined by an advanced fuzzy-based inference process tuned by HPSOWM. Considering a real benchmark dataset from the public domain, our experimental results show that the proposed scheme can greatly shorten the training time of HMM and significantly reduce the false positive rate. The proposed HPSOWM works especially well for the efficient classification of unknown behaviors and malicious attacks. © 2012 IEEE.	en_US
dc.relation.ispartof	IEEE International Conference on Fuzzy Systems	en_US
dc.relation.isbasedon	10.1109/FUZZ-IEEE.2012.6251241	en_US
dc.title	An immunology-inspired multi-engine anomaly detection system with hybrid particle swarm optimisations	en_US
dc.type	Conference Proceeding
utslib.for	080108 Neural, Evolutionary and Fuzzy Computation	en_US
dc.location.activity	Australia
pubs.embargo.period	Not known	en_US
pubs.organisational-group	/University of Technology Sydney
pubs.organisational-group	/University of Technology Sydney/Faculty of Engineering and Information Technology
pubs.organisational-group	/University of Technology Sydney/Faculty of Engineering and Information Technology/School of Biomedical Engineering
pubs.organisational-group	/University of Technology Sydney/Faculty of Engineering and Information Technology/School of Electrical and Data Engineering
pubs.organisational-group	/University of Technology Sydney/Provost
pubs.organisational-group	/University of Technology Sydney/Provost/Jumbunna
pubs.organisational-group	/University of Technology Sydney/Strength - CHT - Health Technologies
pubs.organisational-group	/University of Technology Sydney/Strength - GBDTC - Global Big Data Technologies
pubs.organisational-group	/University of Technology Sydney/Strength - INEXT - Innovation in IT Services and Applications
utslib.copyright.status	closed_access
pubs.publication-status	Published	en_US

Abstract:

In this paper, multiple detection engines with multi-layered intrusion detection mechanisms are proposed for enhancing computer security. The principle is to coordinate the results from each single-engine intrusion alert system, which seamlessly integrates with a multiple layered distributed service-oriented structure. An improved hidden Markov model (HMM) is created for the detection engine which is capable of the immunology-based self/nonself discrimination. The classifications of normal and abnormal behaviours of system calls are further examined by an advanced fuzzy-based inference process tuned by HPSOWM. Considering a real benchmark dataset from the public domain, our experimental results show that the proposed scheme can greatly shorten the training time of HMM and significantly reduce the false positive rate. The proposed HPSOWM works especially well for the efficient classification of unknown behaviors and malicious attacks. © 2012 IEEE.

Please use this identifier to cite or link to this item:

http://hdl.handle.net/10453/30877