Artificial Immune Systems for Intrusion Detection

I wrote an article “Artificial Immune Systems for Intrusion Detection“ in the January 2013 issue of MSDN Magazine. See An artificial immune system (AIS) for intrusion detection is a software system that models some parts of the behavior of the human immune system to protect computer networks from viruses and similar cyber attacks. The essential idea is that the human immune system—which is a complex system consisting of lymphocytes (white blood cells), antibodies and many other components—has evolved over time to provide powerful protection against harmful toxins and other pathogens. So, modeling the behavior of the human immune system may provide an effective architecture against cyber attacks.

In the article I describe some of the principles of artificial immune systems and present a demo program to demonstrate these principles. Although work on AIS protection is still relatively new and, in my opinion, no commercial implementations are quite ready for prime time, the article might be useful for several reasons. First, the code will give you a starting point for hands-on experimentation with a simple AIS system. Second, the principles explained will get you over the rather difficult initial hurdle to this area and allow you to understand research papers on AIS. Third, several of the programming techniques used in this article, in particular r-chunks bit matching and negative selection, can be useful in other programming scenarios. And fourth, you may just find the idea of modeling a software system based on the behavior of the human immune system interesting in its own right.


This entry was posted in Machine Learning, Software Test Automation. Bookmark the permalink.