'Malicious Code Execution Detection and Response Immune System inspired by the Danger Theory'

Kim, Jungwon and Greensmith, Julie and Twycross, Jamie and Aickelin, Uwe (2005) 'Malicious Code Execution Detection and Response Immune System inspired by the Danger Theory'. In: Adaptive and Resilient Computing Security Workshop (ARCS-05), 2005, Santa Fe, USA.

WarningThere is a more recent version of this item available.

PDF - Requires a PDF viewer such as GSview, Xpdf or Adobe Acrobat Reader


The analysis of system calls is one method employed by anomaly detection systems to recognise malicious code execution. Similarities can be drawn between this process and the behaviour of certain cells belonging to the human immune system, and can be applied to construct an artificial immune system. A recently developed hypothesis in immunology, the Danger Theory, states that our immune system responds to the presence of intruders through sensing molecules belonging to those invaders, plus signals generated by the host indicating danger and damage. We propose the incorporation of this concept into a responsive intrusion detection system, where behavioural information of the system and running processes is combined with information regarding individual system calls.

Item Type:Conference or Workshop Item (Paper)
Schools/Departments:Faculty of Science > School of Computer Science and Information Technology
ID Code:302
Deposited By:Aickelin, Professor Uwe
Deposited On:21 Nov 2005
Last Modified:22 Oct 2007 14:43

Available Versions of this Item

Repository Staff Only: item control page