Visible to the public Automated Intrusion Response System Algorithm with Danger Theory

TitleAutomated Intrusion Response System Algorithm with Danger Theory
Publication TypeConference Paper
Year of Publication2014
AuthorsLing-Xi Peng, Tian-Wei Chen
Conference NameCyber-Enabled Distributed Computing and Knowledge Discovery (CyberC), 2014 International Conference on
Date PublishedOct
Keywordsadaptive automated intrusion response system, artificial immune, artificial immune system, artificial immune systems, automated intrusion response system, Communication networks, computer network security, danger evaluation, danger theory, Detectors, distributed computing, immature detector, Knowledge discovery, Mathematical model, memory detector, Network security, real-time network danger evaluation equation, Real-time Systems, security
Abstract

Intrusion response is a new generation of technology basing on active defence idea, which has very prominent significance on the protection of network security. However, the existing automatic intrusion response systems are difficult to judge the real "danger" of invasion or attack. In this study, an immune-inspired adaptive automated intrusion response system model, named as AIAIM, was given. With the descriptions of self, non-self, memory detector, mature detector and immature detector of the network transactions, the real-time network danger evaluation equations of host and network are built up. Then, the automated response polices are taken or adjusted according to the real-time danger and attack intensity, which not only solve the problem that the current automated response system models could not detect the true intrusions or attack actions, but also greatly reduce the response times and response costs. Theory analysis and experimental results prove that AIAIM provides a positive and active network security method, which will help to overcome the limitations of traditional passive network security system.

DOI10.1109/CyberC.2014.16
Citation Key6984277