An anomaly-based intrusion detection system based on artificial immune system (AIS) techniques

Author

Harish Valayapalayam Kumaravel, Purdue University

Date of Award

8-2016

Degree Type

Thesis

Degree Name

Master of Science (MS)

Department

Interdisciplinary Studies

First Advisor

Phillip T. Rawles

Committee Chair

Phillip T. Rawles

Committee Member 1

Victor Raskin

Committee Member 2

Anthony H. Smith

Abstract

Two of the major approaches to intrusion detection are anomaly-based detection and signature-based detection. Anomaly-based approaches have the potential for detecting zero-day and other new forms of attacks. Despite this capability, anomaly-based approaches are comparatively less widely used when compared to signature-based detection approaches. Higher computational overhead, higher false positive rates, and lower detection rates are the major reasons for the same. This research has tried to mitigate this problem by using techniques from an area called the Artificial Immune Systems (AIS). AIS is a collusion of immunology, computer science and engineering and tries to apply a number of techniques followed by the human immune system in the field of computing. An AIS-based technique called negative selection is used. Existing implementations of negative selection algorithms have a polynomial worst-case run time for classification, resulting in huge computational overhead and limited practicality. This research implements a theoretical concept and achieves linear classification time. The results from the implementation are compared with that of existing Intrusion Detection Systems.

Recommended Citation

Kumaravel, Harish Valayapalayam, "An anomaly-based intrusion detection system based on artificial immune system (AIS) techniques" (2016). Open Access Theses. 964.
https://docs.lib.purdue.edu/open_access_theses/964