Abstract
Two main techniques used to build Intrusion Detection System (IDS), abnormal detection and misuse detection, have their own strengths and limitations respectively. It implies that an effective IDS should employ an abnormal detector and a misuse detector in parallel. While the human immune system (HIS) distinguishes previously known and unknown pathogens from human body via its own passive layers which are called natural immune systems and adaptive immune systems. Natural immune system is akin to the misuse detector of IDS and adaptive immune system is similar to the abnormal detector. Inspired from adaptive immune system, Negative Selection Algorithm (NSA) is applied to abnormal detection. But NSA can not generate dynamic detectors changed with nonselves. Inspired from affinity maturation, Dynamic Negative Selection Algorithm Based on Affinity Maturation (DNSA-AM), where NSA is used to delete detectors which detect any selves, is proposed and can be adapted to the change of nonselves. Match rule with the match threshold (r) is one of the most important components in NSA and DNSA-AM. ‘r’ is related to selves and must be set at first. So DNSA-AM can not be adapted to the change of selves.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsAuthor information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Chen, J. (2006). Abnormal Detection Algorithm Based on Match Range Model. In: Mehrotra, S., Zeng, D.D., Chen, H., Thuraisingham, B., Wang, FY. (eds) Intelligence and Security Informatics. ISI 2006. Lecture Notes in Computer Science, vol 3975. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11760146_100
Download citation
DOI: https://doi.org/10.1007/11760146_100
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-34478-0
Online ISBN: 978-3-540-34479-7
eBook Packages: Computer ScienceComputer Science (R0)