2010
Authors
Antunes, MJ; Correia, ME;
Publication
ADVANCES IN COMPUTATIONAL BIOLOGY
Abstract
This paper presents an artificial immune system (AIS) based on Grossman's tunable activation threshold (TAT) for temporal anomaly detection. We describe the generic AIS framework and the TAT model adopted for simulating T Cells behaviour, emphasizing two novel important features: the temporal dynamic adjustment of T Cells clonal size and its associated homeostasis mechanism. We also present some promising results obtained with artificially generated data sets, aiming to test the appropriateness of using TAT in dynamic changing environments, to distinguish new unseen patterns as part of what should be detected as normal or as anomalous. We conclude by discussing results obtained thus far with artificially generated data sets.
2009
Authors
Antunes, MJ; Correia, ME;
Publication
2009 INTERNATIONAL JOINT CONFERENCE ON BIOINFORMATICS, SYSTEMS BIOLOGY AND INTELLIGENT COMPUTING, PROCEEDINGS
Abstract
This paper presents an Artificial Immune System (AIS) based on Grossman's Tunable Activation Threshold (TAT) for anomaly detection. We describe the immunological metaphor and the algorithm adopted for T-cells, emphasizing two important features: the temporal dynamic adjustment of T-cells clonal size and its associated homeostasis mechanism. We present some promising results obtained with artificially generated data sets, aiming to test the appropriateness of using TAT in dynamic changing environments, to distinguish new unseen patterns as part of what should be detected as normal or as anomalous.
2012
Authors
Antunes, MJ; Correia, ME;
Publication
Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering
Abstract
The Artificial Immune Systems (AIS) constitute an emerging and very promising area of research that historically have been falling within two main theoretical immunological schools of thought: those based on Negative selection (NS) or those inspired on Danger theory (DT). Despite their inherent strengths and well known promising results, both deployed AIS have documented difficulties on dealing with gradual dynamic changes of self behavior through time. In this paper we propose and describe the development of an AIS framework for anomaly detection based on a rather different immunological theory, which is the Grossman's Tunable Activation Thresholds (TAT) theory for the behaviour of T-cells. The overall framework has been tested with artificially generated stochastic data sets based on a real world phenomena and the results thus obtained have been compared with a non-evolutionary Support Vector Machine (SVM) classifier, thus demonstrating TAT's performance and competitiveness for anomaly detection. © 2012 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering.
2011
Authors
Antunes, M; Correia, ME;
Publication
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Abstract
Computer networks are highly dynamic environments in which the meaning of normal and anomalous behaviours can drift considerably throughout time. Behaviour-based Network Intrusion Detection System (NIDS) have thus to cope with the temporal normality drift intrinsic on computer networks, by tuning adaptively its level of response, in order to be able to distinguish harmful from harmless network traffic flows. In this paper we put forward the intrinsic Tunable Activation Threshold (TAT) theory ability to adaptively tolerate normal drifting network traffic flows. This is embodied on the TAT-NIDS, a TAT-based Artificial Immune System (AIS) we have developed for network intrusion detection. We describe the generic AIS framework we have developed to assemble TAT-NIDS and present the results obtained thus far on processing real network traffic data sets. We also compare the performance obtained by TAT-NIDS with the well known and widely deployed signature-based snort network intrusion detection system. © 2011 Springer-Verlag.
2011
Authors
Antunes, M; Silva, C; Ribeiro, B; Correia, M;
Publication
ADAPTIVE AND NATURAL COMPUTING ALGORITHMS, PT II
Abstract
In this paper we propose and analyse methods for expanding state-of-the-art performance on text classification. We put forward an ensemble-based structure that includes Support Vector Machines (SVM) and Artificial Immune Systems (AIS). The underpinning idea is that SVM-like approaches can be enhanced with A IS approaches which can capture dynamics in models. While having radically different genesis, and probably because of that, SVM and AIS can cooperate in a committee setting, using a heterogeneous ensemble to improve overall performance, including a confidence on each system classification as the differentiating factor. Results on the well-known Reuters-21578 benchmark are presented, showing promising classification performance gains, resulting in a classification that improves upon all baseline contributors of the ensemble committee.
2009
Authors
Antunes, M; Correia, M;
Publication
2ND INTERNATIONAL WORKSHOP ON PRACTICAL APPLICATIONS OF COMPUTATIONAL BIOLOGY AND BIOINFORMATICS (IWPACBB 2008)
Abstract
One emergent, widely used metaphor and rich source of inspiration for computer security has been the vertebrate Immune System (IS). This is mainly due to its intrinsic nature of having to constantly protect the body against harm inflicted by external (non-self) harmful entities. The bridge between metaphor and the reality of new practical systems for anomaly detection is cemented by recent biological advancements and new proposed theories on the dynamics of immune cells by the field of theoretical immunology. In this paper we present a work in progress research on the deployment of an immune-inspired architecture, based on Grossman's Tunable Activation Threshold (TAT) hypothesis, for temporal anomaly detection, where there is a strict temporal ordering on the data, such as network intrusion detection. We start by briefly describing the overall architecture. Then, we present some preliminary results obtained in a Production network. Finally, we conclude by presenting the main lines of research we intend to pursue in the near future.
The access to the final selection minute is only available to applicants.
Please check the confirmation e-mail of your application to obtain the access code.