Skip to main content
SpringerLink
Log in
Book cover

International Conference on Intelligence and Security Informatics

ISI 2006: Intelligence and Security Informatics pp 708–710Cite as

Abnormal Detection Algorithm Based on Match Range Model

  • Conference paper

  • 1818 Accesses

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 3975))

Abstract

Two main techniques used to build Intrusion Detection System (IDS), abnormal detection and misuse detection, have their own strengths and limitations respectively. It implies that an effective IDS should employ an abnormal detector and a misuse detector in parallel. While the human immune system (HIS) distinguishes previously known and unknown pathogens from human body via its own passive layers which are called natural immune systems and adaptive immune systems. Natural immune system is akin to the misuse detector of IDS and adaptive immune system is similar to the abnormal detector. Inspired from adaptive immune system, Negative Selection Algorithm (NSA) is applied to abnormal detection. But NSA can not generate dynamic detectors changed with nonselves. Inspired from affinity maturation, Dynamic Negative Selection Algorithm Based on Affinity Maturation (DNSA-AM), where NSA is used to delete detectors which detect any selves, is proposed and can be adapted to the change of nonselves. Match rule with the match threshold (r) is one of the most important components in NSA and DNSA-AM. ‘r’ is related to selves and must be set at first. So DNSA-AM can not be adapted to the change of selves.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Author information

Authors and Affiliations

  1. Zhejiang Wanli University, Ningbo, Zhejiang, 315100, China

    Jungan Chen

Authors
  1. Jungan Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of Information and Computer Science, University of California, Irvine

    Sharad Mehrotra

  2. MIS Department, University of Arizona, 85721, Tucson, AZ, USA

    Daniel D. Zeng

  3. Department of Management Information Systems, Eller College of Management, The University of Arizona, 85721, AZ, USA

    Hsinchun Chen

  4. University of Texas at Dallas,  

    Bhavani Thuraisingham

  5. Chinese Academy of Sciences, 100190, Beijing, China

    Fei-Yue Wang

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Chen, J. (2006). Abnormal Detection Algorithm Based on Match Range Model. In: Mehrotra, S., Zeng, D.D., Chen, H., Thuraisingham, B., Wang, FY. (eds) Intelligence and Security Informatics. ISI 2006. Lecture Notes in Computer Science, vol 3975. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11760146_100

Download citation

  • DOI: https://doi.org/10.1007/11760146_100

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-34478-0

  • Online ISBN: 978-3-540-34479-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation