Network threat detection utilizing adaptive and innate immune system metaphors
Network threat detection utilizing adaptive and innate immune system metaphors
Date
2008
Authors
Fanelli, Robert L.
Contributor
Advisor
Department
Instructor
Depositor
Speaker
Researcher
Consultant
Interviewer
Annotator
Journal Title
Journal ISSN
Volume Title
Publisher
Volume
Number/Issue
Starting Page
Ending Page
Alternative Title
Abstract
Description
Thesis (Ph.D.)--University of Hawaii at Manoa, 2008.
The NetTRIIAD prototype demonstrates a reduction in false positive detections and an improvement in positive predictive value, compared to that of a conventional misuse-based intrusion detection system. The prototype also demonstrates the capacity to detect novel threats. These results support the thesis that the hybrid model can overcome some of the limitations of other intrusion detection approaches. This research points to the usefulness of immune-inspired approaches for problems in the domain of information system security, and represents a step toward providing an immune system for self-protecting information systems.
This dissertation investigates a hybrid model for network threat detection that combines artificial immune system approaches with conventional intrusion detection methods. The research thesis asserts that a model combining artificial immune system and conventional methods can overcome limitations seen in conventional intrusion detection methods, such as false positive detections and difficulty adapting to novel threats. The Network Threat Recognition with Immune Inspired Anomaly Detection (NetTRIIAD) model presented here incorporates conventional intrusion detection and status monitoring methods as input for an artificial immune system based on the immunological Danger Model. This work details implementation of a prototype NetTRIIAD system and experimentation on a series of intrusion detection scenarios including both known and newly created threats.
This dissertation makes several contributions to knowledge in the areas of artificial immune systems and information system security. This work presents a novel methodology for applying artificial immune system techniques to a complex information system security problem. It also presents a working model for integrating artificial immune systems and conventional approaches to network threat detection. A further contribution is to the body of knowledge concerning the relatively new field of Danger Model inspired artificial immune systems and its application to solving complex problems.
Includes bibliographical references (leaves253-269).
Also available by subscription via World Wide Web
268 leaves, bound 29 cm
The NetTRIIAD prototype demonstrates a reduction in false positive detections and an improvement in positive predictive value, compared to that of a conventional misuse-based intrusion detection system. The prototype also demonstrates the capacity to detect novel threats. These results support the thesis that the hybrid model can overcome some of the limitations of other intrusion detection approaches. This research points to the usefulness of immune-inspired approaches for problems in the domain of information system security, and represents a step toward providing an immune system for self-protecting information systems.
This dissertation investigates a hybrid model for network threat detection that combines artificial immune system approaches with conventional intrusion detection methods. The research thesis asserts that a model combining artificial immune system and conventional methods can overcome limitations seen in conventional intrusion detection methods, such as false positive detections and difficulty adapting to novel threats. The Network Threat Recognition with Immune Inspired Anomaly Detection (NetTRIIAD) model presented here incorporates conventional intrusion detection and status monitoring methods as input for an artificial immune system based on the immunological Danger Model. This work details implementation of a prototype NetTRIIAD system and experimentation on a series of intrusion detection scenarios including both known and newly created threats.
This dissertation makes several contributions to knowledge in the areas of artificial immune systems and information system security. This work presents a novel methodology for applying artificial immune system techniques to a complex information system security problem. It also presents a working model for integrating artificial immune systems and conventional approaches to network threat detection. A further contribution is to the body of knowledge concerning the relatively new field of Danger Model inspired artificial immune systems and its application to solving complex problems.
Includes bibliographical references (leaves253-269).
Also available by subscription via World Wide Web
268 leaves, bound 29 cm
Keywords
Citation
Extent
Format
Geographic Location
Time Period
Related To
Theses for the degree of Doctor of Philosophy (University of Hawaii at Manoa). Computer Science; no. 5024
Table of Contents
Rights
All UHM dissertations and theses are protected by copyright. They may be viewed from this source for any purpose, but reproduction or distribution in any format is prohibited without written permission from the copyright owner.
Rights Holder
Local Contexts
Collections
Email libraryada-l@lists.hawaii.edu if you need this content in ADA-compliant format.