An Artificial Immune System for Detecting Network Anomalies Using Hybrid Immune Theories

Document Type : Original Article


The Higher Institute of Computer and Information Technology, El Shorouk Academy, , Cairo, Egypt


Detecting network anomaly attacks is important due to the need for security guarantees, reliability, and privacy. The human immune mechanisms intelligently detect, fight, and destroy foreign bodies. This work introduces an artificially intelligent immune approach associated with monitoring systems for detecting network anomalies.

Hybrid Artificial Immune Principles (HAIP) theories such as Self/Non-Self Theory, Natural Killer Cells, and Danger Theory were studied and proposed. HAIP combines several ideas to detect network anomalies in a real-time environment. Ideas were built and tested and presented the pros and cons of HAIS. This work explores the HAIP approach. It focuses on three immune capabilities: feedback, self-organizing, and adaptive learning.

Today, new attacks are complex and not easy to detect. Therefore, the need for network anomaly defense becomes more important to face new threats. The NLS-KDD dataset trains and evaluates our proposed HAIP for detecting network anomalies. The average (AVG) cost and the standard error (STDERR) of the proposed HAIP model were 0.2718 and 0.004, respectively.

It is quite important to present the vaccination process. A vaccination component was designed to formulate this function in HAIP. After the reevaluation using our complete model including the vaccination module, the AVG cost become 0.0420 while the STDERR become 0.001.


Main Subjects