A Two-Level Autonomous Intrusion Detection Model Inspired by the Immune System

Elnaz B. Noeparast, Reza Ravanmehr
Published Date: January 05, 2014
Volume 4, Issue 1
Pages 11 - 17

Keywords: distributed systems, intrusion detection, multi-agent systems, immune system

Several methods have been applied to distributed system security, all of which share the same absolute view of intrusion. In this view, an operation is either legitimate or intrusive, which is inconsistent with the complicated and heterogeneous nature of distributed systems. In this paper, a two-level multi-agent model is proposed whose first level determines the system's unsafe behaviors based on the occurrence of anomalies. Its second level then calculates the probability of the effectiveness of the operations in the system log in the event that an intrusion occurs. If this probability is greater than the first-level prediction, the anomaly is treated as an intrusion; otherwise it is assumed to be an unexpected legal behavior. The probability of false positive errors therefore decreases. The proposed multi-agent system also draws on the human immune system: its autonomous agents need no maintenance and detect intrusions without relying on any central element, using only their own learning and interaction capabilities.

