Please use this identifier to cite or link to this item:
Network threat detection utilizing adaptive and innate immune system metaphors
|Ph.D._AC1.H3_5024_uh.pdf||Version for UH users||7.07 MB||Adobe PDF||View/Open|
|Ph.D._AC1.H3_5024_r.pdf||Version for non-UH users. Copying/Printing is not permitted||7.08 MB||Adobe PDF||View/Open|
|Title:||Network threat detection utilizing adaptive and innate immune system metaphors|
|Authors:||Fanelli, Robert L.|
|Description:||Thesis (Ph.D.)--University of Hawaii at Manoa, 2008.|
The NetTRIIAD prototype demonstrates a reduction in false positive detections and an improvement in positive predictive value, compared to that of a conventional misuse-based intrusion detection system. The prototype also demonstrates the capacity to detect novel threats. These results support the thesis that the hybrid model can overcome some of the limitations of other intrusion detection approaches. This research points to the usefulness of immune-inspired approaches for problems in the domain of information system security, and represents a step toward providing an immune system for self-protecting information systems.
This dissertation investigates a hybrid model for network threat detection that combines artificial immune system approaches with conventional intrusion detection methods. The research thesis asserts that a model combining artificial immune system and conventional methods can overcome limitations seen in conventional intrusion detection methods, such as false positive detections and difficulty adapting to novel threats. The Network Threat Recognition with Immune Inspired Anomaly Detection (NetTRIIAD) model presented here incorporates conventional intrusion detection and status monitoring methods as input for an artificial immune system based on the immunological Danger Model. This work details implementation of a prototype NetTRIIAD system and experimentation on a series of intrusion detection scenarios including both known and newly created threats.
This dissertation makes several contributions to knowledge in the areas of artificial immune systems and information system security. This work presents a novel methodology for applying artificial immune system techniques to a complex information system security problem. It also presents a working model for integrating artificial immune systems and conventional approaches to network threat detection. A further contribution is to the body of knowledge concerning the relatively new field of Danger Model inspired artificial immune systems and its application to solving complex problems.
Includes bibliographical references (leaves253-269).
show 2 moreAlso available by subscription via World Wide Web
268 leaves, bound 29 cm
|Rights:||All UHM dissertations and theses are protected by copyright. They may be viewed from this source for any purpose, but reproduction or distribution in any format is prohibited without written permission from the copyright owner.|
|Appears in Collections:||Ph.D. - Computer Science|
Items in ScholarSpace are protected by copyright, with all rights reserved, unless otherwise indicated.