KEYWORDS: Network security, Sensors, Databases, Systems modeling, Detection and tracking algorithms, Mendelevium, Computer networks, Surveillance, Chemical elements, Computing systems
We develop a hierarchical immunological model to detect bot activities in a computer network. In the proposed model,
antibody (detector)-antigen (foreign object) reactions are defined using a negative-selection-based approach, and negative
systems-properties are defined by various temporal as well as non-temporal systems features. The theory of sequential
hypothesis testing has been used in the literature for identifying spatial-temporal correlations among malicious remote
hosts and among the bots within a botnet. We also use it for combining multiple immunocomputing-based decisions.
The negative-selection-based approach defines a self and helps identify non-selves. We define non-selves with respect to
various systems characteristics and then use different combinations of non-selves to design bot detectors. Each detector
operates at the client sites of the network under surveillance. A match with any of the detectors suggests the presence of a
bot. Preliminary results suggest that solutions based on the proposed model can improve the identification of bot activities.
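A minimal sketch of the two ideas the abstract combines, added here as an illustration and not taken from the paper: negative-selection detectors built from combinations of non-self features, with per-window "any detector matched" decisions accumulated by Wald's sequential probability ratio test. The feature names, self ranges, detector combinations, match probabilities and sample windows are all assumptions constructed for the example.

```python
import math

# Assumed "self" profile: feature ranges observed on known-clean clients.
SELF = {
    "conn_per_min": (0, 40),            # non-temporal: connection volume
    "failed_conn_ratio": (0.0, 0.2),    # non-temporal: share of failed connections
    "dns_nx_ratio": (0.0, 0.1),         # non-temporal: share of NXDOMAIN answers
    "interval_regularity": (0.0, 0.5),  # temporal: 1.0 means perfectly periodic traffic
}
# Each detector is a combination of non-self features (hypothetical combinations).
DETECTORS = [
    ("conn_per_min", "failed_conn_ratio"),
    ("dns_nx_ratio", "interval_regularity"),
    ("failed_conn_ratio", "interval_regularity"),
]

def is_non_self(feature, value):
    """A value outside the self range for its feature is non-self."""
    lo, hi = SELF[feature]
    return not (lo <= value <= hi)

def any_detector_matches(window):
    """A detector fires only when every feature in its combination is non-self."""
    return any(all(is_non_self(f, window[f]) for f in combo) for combo in DETECTORS)

def sprt_verdict(windows, p_bot=0.8, p_benign=0.1, alpha=0.01, beta=0.01):
    """Combine per-window decisions with an SPRT.
    p_bot / p_benign: assumed probability that a window matches on a bot / clean host.
    alpha / beta: target false-positive / false-negative rates."""
    upper = math.log((1 - beta) / alpha)   # cross it: accept "bot"
    lower = math.log(beta / (1 - alpha))   # cross it: accept "benign"
    llr = 0.0
    for n, window in enumerate(windows, start=1):
        if any_detector_matches(window):
            llr += math.log(p_bot / p_benign)
        else:
            llr += math.log((1 - p_bot) / (1 - p_benign))
        if llr >= upper:
            return "bot", n
        if llr <= lower:
            return "benign", n
    return "undecided", len(windows)

# Constructed observation windows for one client.
CLEAN = {"conn_per_min": 12, "failed_conn_ratio": 0.02, "dns_nx_ratio": 0.01, "interval_regularity": 0.1}
BEACON = {"conn_per_min": 10, "failed_conn_ratio": 0.05, "dns_nx_ratio": 0.4, "interval_regularity": 0.95}
NOISY = {"conn_per_min": 120, "failed_conn_ratio": 0.05, "dns_nx_ratio": 0.02, "interval_regularity": 0.2}
```

A single out-of-range feature, as in `NOISY`, does not fire any detector, and one isolated match does not convict a host: the verdict needs enough consistent windows to cross a threshold.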