DOI: 10.5555/1404803.1404808
research-article

Computer defense using artificial intelligence

Published: 25 March 2007

Abstract

As library-based techniques of virus and intrusion detection prove insufficient to be means of protection for computer systems and networks, alternate methods must be incorporated into computer defense. This paper surveys a variety of Artificial Intelligence methods aimed at improving the effectiveness of modern computer security in the face of more prevalent, sophisticated, and ever-changing threats. Specifically, Artificial Immune Systems, Genetic Algorithms, Genetic Programming, and Neural Networks are discussed primarily within the auspices of threat analysis and system testing. Several implemented solutions are discussed and analyzed. Additionally, the paper provides suggestions for the synthesis of varying methods with traditional security in order to create a stronger, more robust security system.

Published In

SpringSim '07: Proceedings of the 2007 spring simulation multiconference - Volume 3
March 2007
351 pages
ISBN: 1565553144

Publisher

Society for Computer Simulation International
San Diego, CA, United States

Author Tags

1. artificial immune systems
2. artificial intelligence
3. evolutionary computation
4. intrusion detection
5. neural networks
