TY - GEN
T1 - Intrusion detection oriented distributed negative selection algorithm
AU - Luo, Wenjian
AU - Cao, Xianbin
AU - Wang, Jiying
AU - Wang, Xufa
N1 - Publisher Copyright:
© 2002 Nanyang Technological University.
PY - 2002
Y1 - 2002
N2 - The negative selection algorithm proposed by Forrest et al. (1994) is a very significant change detection algorithm based on the generation process of T-Cells process in biological system. But when negative selection algorithm is used in distributed intrusion detection, the first problem that we meet is how to distribute the detectors in all detection workstations. To resolve this problem, this paper proposed a novel distributed negative selection algorithm based on the original negative selection algorithm. The core of this distributed negative selection algorithm is the distributing strategy. Two kinds of distributing strategies, random distributing strategy and greedy distributing strategy are given. Then we compared the performance of random distributing strategy and greedy distributing strategy. The experimental results show that: (1) distributed negative selection algorithm can avoid the problem of single point failure, when a part of detection workstations fails, the detection rate does not descend quickly; and (2) when some detection workstations fail, greedy distributing strategy can maintain better detection rate than random distributing strategy.
AB - The negative selection algorithm proposed by Forrest et al. (1994) is a very significant change detection algorithm based on the generation process of T-Cells process in biological system. But when negative selection algorithm is used in distributed intrusion detection, the first problem that we meet is how to distribute the detectors in all detection workstations. To resolve this problem, this paper proposed a novel distributed negative selection algorithm based on the original negative selection algorithm. The core of this distributed negative selection algorithm is the distributing strategy. Two kinds of distributing strategies, random distributing strategy and greedy distributing strategy are given. Then we compared the performance of random distributing strategy and greedy distributing strategy. The experimental results show that: (1) distributed negative selection algorithm can avoid the problem of single point failure, when a part of detection workstations fails, the detection rate does not descend quickly; and (2) when some detection workstations fail, greedy distributing strategy can maintain better detection rate than random distributing strategy.
UR - https://www.scopus.com/pages/publications/84968648327
U2 - 10.1109/ICONIP.2002.1202865
DO - 10.1109/ICONIP.2002.1202865
M3 - 会议稿件
AN - SCOPUS:84968648327
T3 - ICONIP 2002 - Proceedings of the 9th International Conference on Neural Information Processing: Computational Intelligence for the E-Age
SP - 1474
EP - 1478
BT - ICONIP 2002 - Proceedings of the 9th International Conference on Neural Information Processing
A2 - Rajapakse, Jagath C.
A2 - Lee, Soo-Young
A2 - Wang, Lipo
A2 - Fukushima, Kunihiko
A2 - Yao, Xin
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 9th International Conference on Neural Information Processing, ICONIP 2002
Y2 - 18 November 2002 through 22 November 2002
ER -