A generic cyber immune framework for anomaly detection using artificial immune systems.

Intrusion detection systems play a significant role in computer security. Artificial immune systems are the prime contender in developing an anomaly-based intrusion detection system due to their simplicity. The fundamental goal of this paper is to create a generic framework for an artificial immune system which is fast and accurate in detecting anomalies using artificial immune system concepts. Natural killer cells in the immune system and their quick response to foreign pathogens inspired the adaptation of those cells into an artificial immune system based framework. A natural killer cell-based framework is proposed to improve the accuracy and speed of anomaly detection. The structure of the proposed framework includes major histocompatibility complex class 1 representation, affinity calculation, cell generation, and cell proliferation. This framework addresses the overlapping and hole problem while creating natural killer cells to increase the system's performance. The negative selection algorithm and the positive selection algorithm generate the cells that enhance the anomaly detection technique and give high precision. The parameter response time introduced in this paper is crucial for an intrusion system to be used in real-time. • NK cell-based framework to be used as a cyber immune system is proposed. • A combination of Negative selection and Positive Selection to identify new attacks. • Suitable for real-time intrusion detection applications as the response time is low. • Good detection rate by addressing overlapping and hole problem. • Reduced false alarm rate, hence suitable for packet dropping based prevention systems. [ABSTRACT FROM AUTHOR]