Application of immune complement algorithm to NSL-KDD intrusion detection dataset

Abstract EN

Many real world problems involve the simultaneous optimization of various and often conflicting objectives.

Evolutionary algorithms seem to be the most attractive approaches for this class of problems, because they are usually population based techniques that can find multiple compromise solution in a single run, and they do not require any hypotheses on the objective functions.

Among other techniques, in the last decade a new paradigm based on the emulation of the immune system behavior has been proposed.

Since the pioneer works, many different implementations have been proposed in literatures.

This Paper presents a description of an intrusion detection approach modeled on the basis of three bio-inspired concepts namely, Negative selection, Positive selection and complement system.

The Positive selection mechanism of the immune system can detect the attack patterns (nonself), while the Negative selection mechanism of the immune system can delete the artificial lymphocyte (ALC) which interact with normal patterns (Self).

The complement system is a kind of the effecter mechanism, which refers to a series of proteins circulating in the blood and bathing the fluids surrounding tissues.

It establishes the idea that only those cells that recognize the antigens are selected to undergo two operators: cleave operator and bind operator are presented, cleave operator cleaves a complement cell into two sub-cells, while bind operator binds two cells together and forms a big cell.

To obtain Complement detectors can recognize only the attack patterns from the NSL-KDD dataset.