An immunology-inspired host-based multi-engine anomaly detection system with hybrid particle swarm optimisations

Publisher: IEEE
Publication Type: Conference Proceeding
Citation: IEEE International Conference on Fuzzy Systems, 2012, pp. 1279 - 1286
Issue Date: 2012-01
In this paper, multiple detection engines with multilayered intrusion detection mechanisms are proposed for enhancing computer security. The principle is to coordinate the results from each single-engine intrusion alert system, which seamlessly integrates with a multiple layered distributed service-oriented structure. An improved hidden Markov model (HMM) is created for the detection engine which is capable of the immunology-based self/nonself discrimination. The classifications of normal and abnormal behaviours of system calls are further examined by an advanced fuzzy-based inference process tuned by HPSOWM. Considering a real benchmark dataset from the public domain, our experimental results show that the proposed scheme can greatly shorten the training time of HMM and significantly reduce the false positive rate. The proposed HPSOWM works especially well for the efficient classification of unknown behaviors and malicious attacks.