Immunology and Intrusion Detection
Stephanie Forrest - Santa Fe Institute
Jan 14, 2000
Abstract
Natural immune systems are sophisticated information processors. They learn to recognize relevant patterns, they remember patterns that have been seen previously, they use combinatorics to construct pattern detectors efficiently, and they use diversity to promote robustness. Further, the individual cells and molecules that comprise the immune system are distributed throughout our bodies, encoding and controlling the system in parallel with no central control mechanism.
The talk will describe recent progress on several related projects which are incorporating principles and mechanisms from immunology into computer security. It will emphasize recent work on host-based and network-based intrusion detection. In the host-based system, normal behavior is defined by short-range correlations in a process's system calls---a much simpler approach than that used previously. Experiments suggest that the definition is stable during normal behavior and that it is sensitive to several common intrusions. In the network-based system, normal behavior is characterized using TCP/IP packets, and several immune-inspired mechanisms are employed to create a distributed and robust approach to network security.
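The host-based idea described above can be illustrated as follows. This is an added example, not code from the talk or the speaker's projects. It assumes that "short-range correlations" are modelled as fixed-length windows of consecutive system calls (window length 3 here), and the traces are constructed samples.

```python
from collections import deque

def windows(trace, k):
    """Yield every run of k consecutive system calls in a trace."""
    win = deque(maxlen=k)
    for call in trace:
        win.append(call)
        if len(win) == k:
            yield tuple(win)

def build_profile(normal_traces, k=3):
    """Collect the set of length-k windows observed during normal runs."""
    profile = set()
    for trace in normal_traces:
        profile.update(windows(trace, k))
    return profile

def mismatches(trace, profile, k=3):
    """Return (position, window) for each window absent from the profile."""
    return [(i, w) for i, w in enumerate(windows(trace, k)) if w not in profile]

def anomaly_rate(trace, profile, k=3):
    """Fraction of windows in the trace that the normal profile never saw."""
    total = max(len(trace) - k + 1, 0)  # traces shorter than k have no windows
    return len(mismatches(trace, profile, k)) / total if total else 0.0

# Constructed sample traces (assumption: one process, call names only).
NORMAL = [
    "open read mmap mmap open read close".split(),
    "open read mmap open read mmap close".split(),
]
# A run not seen in training, but built entirely from known local patterns.
SAME_BEHAVIOUR = "open read mmap mmap open read mmap close".split()
# A run that departs from the profile partway through.
DEVIATING = "open read mmap execve socket connect close".split()

if __name__ == "__main__":
    profile = build_profile(NORMAL)
    for name, trace in (("same", SAME_BEHAVIOUR), ("deviating", DEVIATING)):
        print(name, anomaly_rate(trace, profile), mismatches(trace, profile))
```

The unseen but well-behaved trace produces no mismatches because every local window already appears in the profile, while the deviating trace is flagged from the first window that contains an unfamiliar call.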
About the Speaker
Stephanie Forrest is a Professor of Computer Science at the University of New Mexico in Albuquerque, and she is currently serving as the Interim Vice President for Academic Affairs at the Santa Fe Institute. Before joining UNM in 1990, she was a Director's Fellow at the Center for Nonlinear Studies, Los Alamos National Laboratory and a member of the Research and Development group at Teknowledge, Inc. She received M.S. and Ph.D. degrees in Computer Science from the University of Michigan, Ann Arbor (1982, 1985), and the B.A. degree from St. John's College, Annapolis MD and Santa Fe, NM (1977). She has been an active member of the Santa Fe Institute since 1988, serving on the external faculty, science board, and steering committee. She has edited two collections of scientific papers, is the author of a book on classifier systems, and has published numerous scientific papers in the area of parallel adaptive systems, including genetic algorithms, classifier systems, emergent computation, computational immunology, and computer security.
The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos is the property of Purdue University, the presenter and/or the presenter’s organization, and is protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website is the exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.