Picture for Jungwon Kim

Jungwon Kim

Malicious Code Execution Detection and Response Immune System inspired by the Danger Theory

Add code
Mar 22, 2010
Jungwon Kim, Julie Greensmith, Jamie Twycross, Uwe Aickelin
Figure 1 for Malicious Code Execution Detection and Response Immune System inspired by the Danger Theory

The analysis of system calls is one method employed by anomaly detection systems to recognise malicious code execution. Similarities can be drawn between this process and the behaviour of certain cells belonging to the human immune system, and can be applied to construct an artificial immune system. A recently developed hypothesis in immunology, the Danger Theory, states that our immune system responds to the presence of intruders through sensing molecules belonging to those invaders, plus signals generated by the host indicating danger and damage. We propose the incorporation of this concept into a responsive intrusion detection system, where behavioural information of the system and running processes is combined with information regarding individual system calls.

* Proceedings of Adaptive and Resilient Computing Security Workshop (ARCS-05), Santa Fe, USA, 2005,  
* 4 pages, 1 table, Adaptive and Resilient Computing Security Workshop (ARCS-05), Santa Fe, USA 
Viaarxiv icon
Github IconAccess Paper or Ask Questions
Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon

Cooperative Automated Worm Response and Detection Immune Algorithm

Add code
Jan 13, 2010
Jungwon Kim, William Wilson, Uwe Aickelin, Julie McLeod
Figure 1 for Cooperative Automated Worm Response and Detection Immune Algorithm
Figure 2 for Cooperative Automated Worm Response and Detection Immune Algorithm
Figure 3 for Cooperative Automated Worm Response and Detection Immune Algorithm
Figure 4 for Cooperative Automated Worm Response and Detection Immune Algorithm

The role of T-cells within the immune system is to confirm and assess anomalous situations and then either respond to or tolerate the source of the effect. To illustrate how these mechanisms can be harnessed to solve real-world problems, we present the blueprint of a T-cell inspired algorithm for computer security worm detection. We show how the three central T-cell processes, namely T-cell maturation, differentiation and proliferation, naturally map into this domain and further illustrate how such an algorithm fits into a complete immune inspired computer security system and framework.

* 14 pages, 2 figures, 2 tables, 4th International Conference on Artificial Immune Systems (ICARIS) 
Viaarxiv icon
Github IconAccess Paper or Ask Questions
Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon

Immune System Approaches to Intrusion Detection - A Review

Add code
Apr 08, 2008
Jungwon Kim, Peter J. Bentley, Uwe Aickelin, Julie Greensmith, Gianni Tedesco, Jamie Twycross
Figure 1 for Immune System Approaches to Intrusion Detection - A Review

The use of artificial immune systems in intrusion detection is an appealing concept for two reasons. Firstly, the human immune system provides the human body with a high level of protection from invading pathogens, in a robust, self-organised and distributed manner. Secondly, current techniques used in computer security are not able to cope with the dynamic and increasingly complex nature of computer systems and their security. It is hoped that biologically inspired approaches in this area, including the use of immune-based systems will be able to meet this challenge. Here we review the algorithms used, the development of the systems and the outcome of their implementation. We provide an introduction and analysis of the key developments within this field, in addition to making suggestions for future research.

* Natural Computing, 6(4), pp 413-466, 2007  
Viaarxiv icon
Github IconAccess Paper or Ask Questions
Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon