Computer Science

Computer Science ›› 2021, Vol. 48 ›› Issue (6): 324-331.doi: 10.11896/jsjkx.200400033

• Information Security • Previous Articles     Next Articles

Improved Negative Selection Algorithm and Its Application in Intrusion Detection

JIA Lin1, YANG Chao1,2,3, SONG Ling-ling1, CHENG Zhen1and LI Bei-jun1   

  1. 1 School of Computer and Information Engineering,Hubei University,Wuhan 430062,China
    2 Hubei Provincial Education Information Engineering Technology Research Center,Wuhan 430062,China
    3 Hubei Key Laboratory of Applied Mathematics,School of Mathematics and Statistics,Hubei University,Wuhan 430062,China
  • Received:2020-04-08 Revised:2020-08-04 Online:2021-06-15 Published:2021-06-03
  • About author:JIA Lin,born in 1995,postgraduate.Her main research interests include artificial immune system and machine learning.(jialin.xx@foxmail.com)
    YANG Chao,born in 1982,Ph.D,asso-ciate professor,postgraduate supervisor,is a member of China Computer Federation.His main research interests include information security and computer immunology.
  • Supported by:
    National Natural Science Foundation of China(61977021) and Open Funded Project of Hubei Key Laboratory of Applied Mathematics(HBAM201902).

PDF (PC)

774

Abstract: As a typical algorithm of artificial immune system,negative selection algorithm(NSA) is widely used in intrusion detection.Aiming at the problems of low accuracy,high false alarm rate and high redundancy of detector set in the traditional negative selection algorithm,an improved negative selection algorithm is proposed and applied to the intrusion detection.The main idea is as follows:first,non-self-antigens is clustered by density peak clustering algorithm to generate a known detector,which can detect the known invasion behavior.Then the abnormal point is defined and it is taken as the center of candidate detector preferentially to calculate and generate unknown detector,which can detect unknown intrusion behavior,so as to reduce the randomness of detector generation.In the experimental stage,AC(accuracy) and FA(false alarm) are selected as evaluation indexes.The algorithm has been simulated on the KDDCUP99 and CSE-CIC-IDS2018 data sets,and the experimental results show that the algorithm has lower false alarm rate and higher accuracy rate on the two data sets,which verifies the proposed improved method has a better detection effect.

Key words: Artificial immunity, Density clustering, Detector, Intrusion detection, Negative selection

CLC Number: 

  • TP309
[1]LI W,YANG Z M.Review of Intrusion Detection System[J].Journal of Jilin University(Information Science Edition),2016,34(5):657-662.
[2]WEI Z,YANG W C,WILLY S.Interactive three-dimensional visualization of network intrusion detection data for machine learning[J].Future generation computer systems,2020,102(Jan.):292-306.
[3]MAHENDRA P,SACHIN T.An efficient feature selectionbased Bayesian and Rough set approach for intrusion detection[J].Applied Soft Computing,2020,87(2):105980.
[4]HYUN M S,JIYOUNG W,HUY K K.In-vehicle network intrusion detection using deep convolutional neural network[J].Vehicular Communications,2020,21(2):100198.1-100198.13.
[5]VIJAYANAND R,DEVARAJ D,KANNAPIRAN B.Intrusion detection system for wireless mesh network using multiple support vector machine classifiers with genetic-algorithm-based feature selection[J].Computers & Security,2018,77(8):304-314.
[6]SAIFUL I S,MUHAMMAD S A.Network Intrusion Detection System Using Artificial Immune System(AIS)[C]//International Conference on Computer and Communication Systems.2018:178-182.
[7]CHUNG M O.Host-based Intrusion Detection Systems Inspired by Machine Learning of Agent-Based Artificial Immune Systems[C]//IEEE International Symposium on INnovations in Intelligent Systems and Applications.2019:1-5.
[8]NASIR R,JAVAID I,FAHAD M.Artificial Immune System-Negative Selection Classification Algorithm(NSCA) for Four Class Electroencephalogram(EEG) Signals[J].Frontiers in Human Neuroscience,2018,12:439-453.
[9]TAKESHI O,MITSUNOBU T.An artificial immunity-enhancing module for internet servers against cyberattacks[J].Artificial Life and Robotics,2018,23(3):292-297.
[10]FORREST S,PERELSON A S,ALLEN L,et al.Self-nonselfdiscrimination in a computer[M].IEEE Computer Society,1994:202-212.
[11]SYDNEY M K,SUN Y X.A deep learning method with wrapper based feature extraction for wireless intrusion detection system[J].Computer & Security,2020,92(5):1-15.
[12]GUO X D,LI X M.Intrusion detection based on improvedsparse denoising autoencoder[J].Journal of Computer Applications,2019,39(3):153-157.
[13]ZHOU Y Y,CHENG G.Building an efficient intrusion detection system based on feature selection and ensemble classifier[J].Computer Networks,2020,174(19):1-12.
[14]HE F M,MA H Z.Research on Anomaly Intrusion Detection System Based on Feature Grouping Clustering[J].Computer Engineering,2020,46(4):123-128.
[15]MRAIN E P,VASIL A S,VLADIMIR K P,et al.Negative Selection and Neural Network Based Algorithm for Intrusion Detection in IoT[C]//International Conference on Telecommunications and Signal Processing(TSP).2018.
[16]BHUVANESWARI G,MANIKANDAN G.An intelligent in-trusion detection system for secure wireless communication using IPSO and negative selection classifier[J].Cluster Computing,2019,22(5):12429-12441.
[17]JIN J,HAN H,CUI Y J.Application of improved negative select algorithm in intrusion detection system[J].Electronic Design Engineering,2015,23(1):7-9.
[18]LIU H H,NIU L,KONG W W,et al.Technique for Intrusion Detection Based on Dual Negative Splitting Selection Algorithm[J].Fire Control &Command Control,2018,43(10):181-186.
[19]CHIKH R,SALIM C.A New Negative Selection Algorithm for Adaptive Network Intrusion Detection System[J].International Journal of Information Security and Privacy IJISP,2014,8(4):1-25.
[20]JIN Z Z,LIAO M H,XIAO G.Survey of negative selection algorithms[J].Journal on Communications,2013,34(1):159-170.
[21]ZHOU J,DASGUPTA D.Real-valued negative selection algo-rithm with variable-sized detectors[J].Genetic and Evolutio-nary Computation-GECCO,2004:287-298.
[22]RODRIGUEZ A,LAIO A.Clustering by fast search and find of density peaks[J].Science,2014,344(6191):1492-1496.
[23]MA C L,SHAN H,MA T.Improved Density Peaks Based Clustering Algorithm with Strategy Choosing Cluster Center Automatically[J].Computer Science,2016,43(7):255-258,280.
[24]YANG C,JIA L,CHEN B Q,et al.Negative Selection Algorithm Based on Antigen Density Clustering[J].IEEE Access,2020,8:44967-44975.
[25]ZHANG X Y,ZENG H S,JIA L.Research of intrusion detection system dataset-KDD CUP99[J].Computer Engineering and Design,2010,31(22):4809-4813.
[26]UCI data set[OL].http://archive.ics.uci.edu/ml/index.php.
[27]CSE-CIC-IDS2018 data set[OL].https://www.unb.ca/cic/datasets/ids-2018.html.
[28]NIU L,SUN Z L.PCA-AKM Algorithm and Its Application in Intrusion Detection System[J].Computer Science,2018,(45)2:226-230.
[1] SHEN Xiang-pei, DING Yan-rui. Multi-detector Fusion-based Depth Correlation Filtering Video Multi-target Tracking Algorithm [J]. Computer Science, 2022, 49(8): 184-190.
[2] WANG Xin-tong, WANG Xuan, SUN Zhi-xin. Network Traffic Anomaly Detection Method Based on Multi-scale Memory Residual Network [J]. Computer Science, 2022, 49(8): 314-322.
[3] ZHOU Zhi-hao, CHEN Lei, WU Xiang, QIU Dong-liang, LIANG Guang-sheng, ZENG Fan-qiao. SMOTE-SDSAE-SVM Based Vehicle CAN Bus Intrusion Detection Algorithm [J]. Computer Science, 2022, 49(6A): 562-570.
[4] CAO Yang-chen, ZHU Guo-sheng, SUN Wen-he, WU Shan-chao. Study on Key Technologies of Unknown Network Attack Identification [J]. Computer Science, 2022, 49(6A): 581-587.
[5] WEI Hui, CHEN Ze-mao, ZHANG Li-qiang. Anomaly Detection Framework of System Call Trace Based on Sequence and Frequency Patterns [J]. Computer Science, 2022, 49(6): 350-355.
[6] ZHANG Shi-peng, LI Yong-zhong. Intrusion Detection Method Based on Denoising Autoencoder and Three-way Decisions [J]. Computer Science, 2021, 48(9): 345-351.
[7] LI Lin, LIU Xue-liang, ZHAO Ye, JI Ping. Low Light Image Fusion Detection Method Based on Lego Filter and SSD [J]. Computer Science, 2021, 48(7): 213-218.
[8] WU Shan-jie, WANG Xin. Prediction of Tectonic Coal Thickness Based on AGA-DBSCAN Optimized RBF Neural Networks [J]. Computer Science, 2021, 48(7): 308-315.
[9] LI Bei-bei, SONG Jia-rui, DU Qing-yun, HE Jun-jiang. DRL-IDS:Deep Reinforcement Learning Based Intrusion Detection System for Industrial Internet of Things [J]. Computer Science, 2021, 48(7): 47-54.
[10] CHENG Xi, CAO Xiao-mei. SQL Injection Attack Detection Method Based on Information Carrying [J]. Computer Science, 2021, 48(7): 70-76.
[11] CAO Yang-chen, ZHU Guo-sheng, QI Xiao-yun, ZOU Jie. Research on Intrusion Detection Classification Based on Random Forest [J]. Computer Science, 2021, 48(6A): 459-463.
[12] YU Jian-ye, QI Yong, WANG Bao-zhuo. Distributed Combination Deep Learning Intrusion Detection Method for Internet of Vehicles Based on Spark [J]. Computer Science, 2021, 48(6A): 518-523.
[13] WANG Ying-ying, CHANG Jun, WU Hao, ZHOU Xiang, PENG Yu. Intrusion Detection Method Based on WiFi-CSI [J]. Computer Science, 2021, 48(6): 343-348.
[14] LIU Quan-ming, LI Yin-nan, GUO Ting, LI Yan-wei. Intrusion Detection Method Based on Borderline-SMOTE and Double Attention [J]. Computer Science, 2021, 48(3): 327-332.
[15] ZHU Rong-chen, LI Xin, WANG Han-xu, YE Han, CAO Zhi-wei, FAN Zhi-jie. Camera Identity Recognition Method Fused with Multi-dimensional Identification Features [J]. Computer Science, 2021, 48(11A): 565-569.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
Add:18# Honghu West Rd., Yubei ,Chongqing,China    Post Code: 401121
Tel: 023-63500828/023-67039612/023-67039623
E-mail: jsjkx12@163.com
Powered by Beijing Magtech Co., Ltd.