'Malicious Code Execution Detection and Response Immune System inspired by the Danger Theory'

Kim, Jungwon and Greensmith, Julie and Twycross, Jamie and Aickelin, Uwe (2005) 'Malicious Code Execution Detection and Response Immune System inspired by the Danger Theory'. In: Adaptive and Resilient Computing Security Workshop (ARCS-05), 2005, Santa Fe, USA.

This is the latest version of this item.

PDF - Requires a PDF viewer such as GSview, Xpdf or Adobe Acrobat Reader


The analysis of system calls is one method employed by anomaly detection systems to recognise malicious code execution. Similarities can be drawn between this process and the behaviour of certain cells belonging to the human immune system, and can be applied to construct an artificial immune system. A recently developed hypothesis in immunology, the Danger Theory, states that our immune system responds to the presence of intruders through sensing molecules belonging to those invaders, plus signals generated by the host indicating danger and damage. We propose the incorporation of this concept into a responsive intrusion detection system, where behavioural information of the system and running processes is combined with information regarding individual system calls.

Item Type:Conference or Workshop Item (Paper)
Schools/Departments:Faculty of Science > School of Computer Science and Information Technology
ID Code:624
Deposited By:Aickelin, Professor Uwe
Deposited On:22 Oct 2007 14:43
Last Modified:22 Oct 2007 14:43

Available Versions of this Item

Repository Staff Only: item control page