An Immunity-Based Anomaly Detection System with Sensor Agents
AbstractThis paper proposes an immunity-based anomaly detection system with sensor agents based on the specificity and diversity of the immune system. Each agent is specialized to react to the behavior of a specific user. Multiple diverse agents decide whether the behavior is normal or abnormal. Conventional systems have used only a single sensor to detect anomalies, while the immunity-based system makes use of multiple sensors, which leads to improvements in detection accuracy. In addition, we propose an evaluation framework for the anomaly detection system, which is capable of evaluating the differences in detection accuracy between internal and external anomalies. This paper focuses on anomaly detection in user’s command sequences on UNIX-like systems. In experiments, the immunity-based system outperformed some of the best conventional systems. View Full-Text
Share & Cite This Article
Okamoto, T.; Ishida, Y. An Immunity-Based Anomaly Detection System with Sensor Agents. Sensors 2009, 9, 9175-9195.
Okamoto T, Ishida Y. An Immunity-Based Anomaly Detection System with Sensor Agents. Sensors. 2009; 9(11):9175-9195.Chicago/Turabian Style
Okamoto, Takeshi; Ishida, Yoshiteru. 2009. "An Immunity-Based Anomaly Detection System with Sensor Agents." Sensors 9, no. 11: 9175-9195.