Application of artificial immune systemsfor detection of network inclusions

Abstract

The study of the protection of computer systems with the help of artificial immune systems (IIS) is a relatively new direction in the application of artificial intelligence to solving technical problems. Various technologies can be used to build anomaly detection systems. In recent years, much attention has been paid to the study of methods of biological modeling of artificial intelligence, such as artificial neural networks and IIS. These methods are one of the most promising approaches to solving problems in the detection of anomalies, because they work as close as possible to reliable biological immune systems of humans.The article discusses the solution of the problem of detecting malicious information using the negative selection algorithm that is actively used in artificial immune systems. Negative selection in the immune system is used to recognize foreign antigens by removing those cells (antibodies) that respond to their own antigens. This process is called «friend-foe» recognition. The article presents a modified negative selection algorithm and conducted a simulation experiment with the immune system detecting network invasions. A simulation experiment of an attack on a computer system and demonstrates the response of the system when an abnormal object is detected. For a specific example, a negative selection algorithm is applied. The article is a presentation of the idea of modeling a software system based on the behavior of the human immune system.