| Sensors | |
| An Immunity-Based Anomaly Detection System with Sensor Agents | |
| Takeshi Okamoto1 | |
| [1] Department of Information Network and Communication, Kanagawa Institute of Technology/1030, Shimo-ogino, Atsugi, Kanagawa 243-0292, Japan | |
| 关键词: immunity-based system; anomaly detection; intrusion detection; sensor agent; hidden Markov model; receiver operating characteristics; | |
| DOI : 10.3390/s91109175 | |
| 来源: mdpi | |
 PDF
|
|
【 摘 要 】
This paper proposes an immunity-based anomaly detection system with sensor agents based on the specificity and diversity of the immune system. Each agent is specialized to react to the behavior of a specific user. Multiple diverse agents decide whether the behavior is normal or abnormal. Conventional systems have used only a single sensor to detect anomalies, while the immunity-based system makes use of multiple sensors, which leads to improvements in detection accuracy. In addition, we propose an evaluation framework for the anomaly detection system, which is capable of evaluating the differences in detection accuracy between internal and external anomalies. This paper focuses on anomaly detection in user's command sequences on UNIX-like systems. In experiments, the immunity-based system outperformed some of the best conventional systems.
【 授权许可】
CC BY
© 2009 by the authors; licensee Molecular Diversity Preservation International, Basel, Switzerland.
【 预 览 】
| Files | Size | Format | View |
|---|---|---|---|
| RO202003190055889ZK.pdf | 369KB |  download |
878987797
028-85220240
