Immune Danger Theory Research Articles

Mimicry Detection Method Based on Immune Danger Theory

Considering that the traditional detector has lower detection rate, resource utilization and higher false alarm rate, this paper proposes a mimicry algorithm and a mimicry detector based on Immune Danger Theory (IDTMD). The detector adjusts the types and number of detection organizations and detection cells dynamically, according to the types and number of the detected signal and the detected dangerous signal, as to realize the dynamic, diversity and randomness of mimicry detection. The KDD-CUP99 dataset was used to test the comprehensive detection performance of the IDTMD detector, the detector based on Negative Selection Algorithm (NSA), the detector based on Dendritic Cell Algorithm (DAC). The results show that the detector improves the detection rate and the resource utilization, decreases the false alarm rate, and when testing amount reaches a certain scale, its response time is significantly less than other detectors’.

Situation assessment model for inter‐domain routing system

Although nowadays Internet is facing more and more threats, very few works have investigated the security situation assessment for inter-domain routing system which is the most significant infrastructure of Internet. To deal with the problem, a situation assessment model based on the immune Danger Theory is proposed. In this study, the authors first give a comprehensive description of the model architecture as well as practical considerations, and then the main components including signal mapping, antigen selection, routing behaviour analysis and global situation assessment are, respectively, defined and illustrated. Evaluations are launched in view of Japan earthquake and YouTube hijacking, and the results show that the model is able to assess the global anomalous degree of specific inter-domain routing system quantitatively, which can provide network administrator with accurate and timely information to conduct network monitoring and route protection.

Artificial Immune Danger Theory Based Model for Network Security Evaluation

Inspired by the principles of immune danger theory, a danger theory based model for network security risk assessment is presented in this paper. Firstly, the principle of the danger theory is introduced. And then, with the improved concepts and formal definitions of antigen, antibody, danger signal, and detection lymphocyte for network security risk assessment presented , the distributed architecture of the proposed model is described . Following that, the principle of network intrusion detection is expounded. Finally, the method of network security risk assessment is given . Theoretical analysis and simulation results show that the proposed model can evaluate the network attack threats in real time. Thus, it provides an effective risk evaluation solution to network security.

Danger Theory Based Risk Evaluation Model for Smurf Attacks

Smurf attack belongs to popular Denial-of-Service (DoS) attack, and they can cause devastating impact on computer systems. Inspired by the principles of immune danger theory, a novel risk evaluation model, referred to as DTRESA, for smurf attacks is proposed in this paper. Within the presented model, dangerous smurf attacks are compared to bacterium (or virus) of the immune danger theory, which induce danger signal by simulating cellular distress or cell unnatural death; through immune recognition of artificial lymphocytes, the attacks are detected, and the attack risk is evaluated by calculating the danger signal of host computers. Simulation results and theoretical analysis show that the proposed model is feasible. Thus, it provides a novel solution to DoS detection and computer network security risk assessment.