An intrusion detection system is used in the design and implementation of a computer immune system built on the framework of the human immune system. A prevention mechanism using the Windows IP Firewall feature is also incorporated, so the system performs both intrusion detection and prevention.
Computers are involved in every aspect of modern society and have become an essential part of our lives, but their vulnerability is of increasing concern. Security flaws are inherent in the operation of computers. Most flaws are caused by errors in the process of software engineering or by unforeseen mishaps, and it is difficult to solve these problems by conventional methods. A radical way of constantly monitoring the system for newly disclosed vulnerabilities is required. In order to devise such a system, this work draws an analogy between computer immune systems and the human immune system. The computer immune system is the equivalent of the human immune system. The primary objective of this paper is to use an intrusion detection system in the design and implementation of a computer immune system built on the framework of the human immune system. This objective is successfully realized, and in addition a prevention mechanism using the Windows IP Firewall feature has been incorporated. Hence the system is able to perform both intrusion detection and prevention. Data was collected about events occurring in a computer network that violate predefined security policy, such as attempts to affect its confidentiality, integrity or availability, using Snort rules for known attacks and adaptive detection for unknown attacks. The system was tested using real-time data and the Department of Defense Advanced Research Projects Agency (DARPA) Intrusion Detection Evaluation (IDEVAL) data set. The results were quite encouraging, as few false positives were recorded.