Vulnerability Analysis of Immunity-Based Intrusion Detection Systems Using Evolutionary Hackers

Gerry Dozier¹, Douglas Brown², John Hurley³, and Krystal Cain²

¹ Dept. of Computer Science & Software Engineering, Auburn University, AL 36849-5347
gvdozier@eng.auburn.edu

² Dept. of Computer Science, Clark-Atlanta University, Atlanta, GA 30314
douglasbrown1982@aol.com
KDJCain@aol.com

³ Distributed Systems Integration, The Boeing Company, Seattle, WA 98124
john.s.hurley@boeing.com

Abstract. Artificial Immune Systems (AISs) are biologically inspired problem solvers that have been used successfully as intrusion detection systems (IDSs). This paper describes how the design of AIS-based IDSs can be improved through the use of evolutionary hackers in the form of GENERTIA red teams (GRTs) to discover holes (in the form of type II errors) found in the immune system. GENERTIA is an interactive tool for the design and analysis of immunity-based intrusion detection systems. Although the research presented in this paper focuses on AIS-based IDSs, the concept of GENERTIA and red teams can be applied to any IDS that uses machine learning techniques to develop models of normal and abnormal network traffic. In this paper we compare a genetic hacker with six evolutionary hackers based on particle swarm optimization (PSO). Our results show that genetic and swarm search are effective and complementary methods for vulnerability analysis. Our results also suggest that red teams based on genetic/PSO hybrids (which we refer to as Genetic Swarms) may hold some promise.

LNCS 3102, p. 263 ff.

© Springer-Verlag Berlin Heidelberg 2004