Emulation of the Active Immune Response in a Computer Network

Abstract

Active immune response (AIR) offer principles that could be successfully implemented in defense mechanisms of computer networks of the nearest future: decentralized detection/mitigation, portable specialized defense agents, continuous status assessment, feedback mechanism assuring a rational parity between attacking and defense agents, etc. A mathematical model of AIR has been developed and validated by simulation. On its basis, a computer network defense mechanism utilizing the above features, capable of deployment of specialized anti-worm entities in a computer network, is proposed. It leads to the development of a fully automatic computer network defense system. The feasibility and implementation aspects of the particular components of this system are addressed. A system call-based approach resulting in the improved IDS, and an approach to continuous status assessment of a computer networks by selective scanning are developed.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jan 15, 2009
Accession Number
ADA574395

Entities

People

  • Victor A. Skormin

Organizations

  • Binghamton University

Tags

Communities of Interest

  • Cyber
  • Energy and Power Technologies

DTIC Thesaurus Topics

  • Anti-Virus Software
  • Computational Science
  • Computer Network Security
  • Computer Networks
  • Computer Program Reliability
  • Computer Programming
  • Computer Programs
  • Computers
  • Control Systems
  • Cybersecurity
  • Databases
  • Detection
  • Intrusion Detectors
  • Malware
  • Mathematical Models
  • Operating Systems
  • Warning Systems

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Oncology
  • Parallel and Distributed Computing.