'Malicious Code Execution Detection and Response Immune System inspired by the Danger Theory'

Kim, Jungwon and Greensmith, Julie and Twycross, Jamie and Aickelin, Uwe (2005) 'Malicious Code Execution Detection and Response Immune System inspired by the Danger Theory'. In: Adaptive and Resilient Computing Security Workshop (ARCS-05), 2005, Santa Fe, USA.

Warning: There is a more recent version of this item available.

Abstract

The analysis of system calls is one method employed by anomaly detection systems to recognise malicious code execution. Similarities can be drawn between this process and the behaviour of certain cells belonging to the human immune system, and can be applied to construct an artificial immune system. A recently developed hypothesis in immunology, the Danger Theory, states that our immune system responds to the presence of intruders through sensing molecules belonging to those invaders, plus signals generated by the host indicating danger and damage. We propose the incorporation of this concept into a responsive intrusion detection system, where behavioural information of the system and running processes is combined with information regarding individual system calls.

Item Type: Conference or Workshop Item (Paper)
Schools/Departments: University of Nottingham UK Campus > Faculty of Science > School of Computer Science
Depositing User: Aickelin, Professor Uwe
Date Deposited: 21 Nov 2005
Last Modified: 22 Oct 2007 13:43
URI: http://eprints.nottingham.ac.uk/id/eprint/302
