VX Heaven

Library Collection Sources Engines Constructors Simulators Utilities Links Forum
Top 5 articles
S. Forrest, S. Hofmeyr, A. Somayaji «Computer Immunology» (14416)
A. Somayaji, S. Hofmeyr, S. Forrest «Principles of a Computer Immune System» (13246)
S. Goel, S. Bush «Kolmogorov Complexity Estimates For Detection Of Viruses In Biologically Inspired Security Systems: A Comparison With Traditional Approaches» (13021)
J. Kalyani, K. Singh Kahlon, H. Singh, A. Kalyani «Analysis of Virus Algorithms» (12917)
S. Forrest, S. Hofmeyr, A. Somayaji, T. Longstaff «A Sense of Self for Unix Processes» (11996)

Library: Computer Immunology

Stephanie Forrest, Steven Hofmeyr, Anil Somayaji
«Computer Immunology» 33.66Kb 14416 hits
Communications of the ACM Vol. 40, No. 10, pp. 88-96 (1997)
Natural immune systems protect animals from dangerous foreign pathogens, including bacteria, viruses, parasites, and toxins. Their role in the body is analogous to that of computer security systems in computing. Although there are many differences between living organisms and computer systems, this article argues that the similarities are compelling and could point the way to improved computer security. Improvements can be achieved by designing computer immune systems that have some of the important properties illustrated by natural immune systems. These include multi-layered protection, highly distributed detection and memory systems, diversity of detection ability across individuals, inexact matching strategies, and sensitivity to most new foreign patterns. We first give an overview of how the immune system relates to computer security. We then illustrate these ideas with two examples.
Stephanie Forrest, Steven Hofmeyr, Anil Somayaji, Thomas Longstaff
«A Sense of Self for Unix Processes» [TeX] 47.66Kb 11996 hits
In Proceedings of the 1996 IEEE Symposium on Security and Privacy, IEEE Computer Society Press, Los Alamitos, CA, pp. 120–128 (1996)
A method for anomaly detection is introduced in which “normal” is defined by short-range correlations in a process’ system calls. Initial experiments suggest that the definition is stable during normal behavior for standard UNIX programs. Further, it is able to detect several common intrusions involving sendmail and lpr. This work is part of a research program aimed at building computer security systems that incorporate the mechanisms and algorithms used by natural immune systems.
Sanjay Goel, Stephen Bush
«Kolmogorov Complexity Estimates For Detection Of Viruses In Biologically Inspired Security Systems: A Comparison With Traditional Approaches» [TeX] 99.08Kb 13021 hits
This paper presents results in two mutually complementary areas: distributed immunological information assurance and a new signature matching technique based upon Kolmogorov Complexity. This paper introduces a distributed model for security based on biological paradigms of Epidemiology and Immunology. In this model each node in the network has an immune system that identifies and destroys pathogens in the incoming network traffic as well as files resident on the node. The network nodes present a collective defense to the pathogens by working symbiotically and sharing pathogen information with each other. Each node compiles a list of pathogens that are perceived as threats by using information provided from all the nodes in the network. The signatures for these pathogens are incorporated into the detector population of the immune systems to increase the probability of detection. Critical to the success of this system is the detection scheme, which should not only be accurate but also efficient. Three separate schemes for detecting pathogens are examined, namely, Contiguous string matching, Hamming Distance, and Kolmogorov Complexity. This work provides a model of the system and examines the efficiency of different detection schemes. A simulation model is built to study the sensitivity of model parameters, such as signature length, sampling rate, network topology, etc. to detection of pathogens.
Jyoti Kalyani, Karanjit Singh Kahlon, Harpal Singh, Anu Kalyani
«Analysis of Virus Algorithms» 22.31Kb 12917 hits
Journal of Computer Science 2 (10): 785-788, 2006 (2006)
Security of wired and wireless networks is the most challengeable in today’s computer world. The aim of this study was to give brief introduction about viruses and worms, their creators and characteristics of algorithms used by viruses. Here wired and wireless network viruses are elaborated. Also viruses are compared with human immune system. On the basis of this comparison four guidelines are given to detect viruses so that more secure systems are made. While concluding this study it is found that the security is most challengeable, thus it is required to make more secure models which automatically detect viruses and prevent the system from its affect.
Jeffrey Kephart, Gregory Sorkin, William Arnold, David Chess, Gerald Tesauro, Steve White
«Biologically Inspired Defenses Against Computer Viruses» [TeX] 66.15Kb 11640 hits
Proceedings of IJCAI '95, Montreal, August 19-25, 1995, pp. 985-996 (1995)
Today's anti-virus technology, based largely on analysis of existing viruses by human experts, is just barely able to keep pace with the more than three new computer viruses that are written daily. In a few years, intelligent agents navigating through highly connected networks are likely to form an extremely fertile medium for a new breed of viruses. At IBM, we are developing novel, biologically inspired anti-virus techniques designed to thwart both today's and tomorrow's viruses. Here we describe two of these: a neural network virus detector that learns to discriminate between infected and uninfected programs, and a computer immune system that identifies new viruses, analyzes them automatically, and uses the results of its analysis to detect and remove all copies of the virus that are present in the system. The neural-net technology has been incorporated into IBM's commercial anti-virus product; the computer immune system is in prototype.
Jeffrey Kephart, Gregory Sorkin, Morton Swimmer, Steve White
«Blueprint for a Computer Immune System» 54.32Kb 11866 hits
Virus Bulletin International Conference in San Francisco, California (1997)
There is legitimate concern that, within the next few years, the Internet will provide a fertile medium for new breeds of computer viruses capable of spreading orders of magnitude faster than today's viruses. To counter this threat, we have developed an immune system for computers that senses the presence of a previously unknown pathogen, and within minutes automatically derives and deploys a prescription for detecting and removing it. The system is being integrated with a commercial anti-virus product, IBM AntiVirus, and will be available as a pilot in 1997.
Anil Somayaji, Steven Hofmeyr, Stephanie Forrest
«Principles of a Computer Immune System» 33.75Kb 13246 hits
New Security Paradigms Workshop pp. 75-82 (1998)
Natural immune systems provide a rich source of inspiration for computer security in the age of the Internet. Immune systems have many features that are desirable for the imperfect, uncontrolled, and open environments in which most computers currently exist. These include distributability, diversity, disposability, adaptability, autonomy, dynamic coverage, anomaly detection, multiple layers, identity via behavior, no trusted components, and imperfect detection. These principles suggest a wide variety of architectures for a computer immune system.
David Stang
«Fighting Computer Virus Infection through Auto-Immune Responses - Applying Principles of Life to Anti-Virus Technology» 35.82Kb 10787 hits
[...] Computer viruses come closer to 'life' than any other computer software. At the present, the virus is the only software that routinely contains the ability to detect itself, detect software which it has and hasn't infected, and to detect hostile (anti-virus) software. [...]
8 authors, 8 titles
By accessing, viewing, downloading or otherwise using this content you agree to be bound by the Terms of Use! aka