{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,10]],"date-time":"2026-06-10T16:13:45Z","timestamp":1781108025184,"version":"3.54.1"},"reference-count":122,"publisher":"Springer Science and Business Media LLC","issue":"4","license":[{"start":{"date-parts":[[2007,1,12]],"date-time":"2007-01-12T00:00:00Z","timestamp":1168560000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2007,1,12]],"date-time":"2007-01-12T00:00:00Z","timestamp":1168560000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Nat Comput"],"published-print":{"date-parts":[[2007,12]]},"DOI":"10.1007\/s11047-006-9026-4","type":"journal-article","created":{"date-parts":[[2007,1,11]],"date-time":"2007-01-11T15:04:07Z","timestamp":1168527847000},"page":"413-466","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":189,"title":["Immune system approaches to intrusion detection \u2013 a review"],"prefix":"10.1007","volume":"6","author":[{"given":"Jungwon","family":"Kim","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Peter J.","family":"Bentley","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Uwe","family":"Aickelin","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Julie","family":"Greensmith","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Gianni","family":"Tedesco","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Jamie","family":"Twycross","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2007,1,12]]},"reference":[{"key":"9026_CR1","unstructured":"http:\/\/discovery.csc.ncsu.edu\/software\/correlator\/"},{"key":"9026_CR2","unstructured":"http:\/\/www.cisco.com\/warp\/public\/cc\/pd\/sqsw\/sqidsz\/"},{"key":"9026_CR3","unstructured":"http:\/\/www.enterasys.com\/products\/ids\/"},{"key":"9026_CR4","unstructured":"http:\/\/www.imperva.com\/products\/securesphere\/"},{"key":"9026_CR5","unstructured":"http:\/\/www.iss.net"},{"key":"9026_CR6","unstructured":"http:\/\/www.prelude-ids.org"},{"key":"9026_CR7","doi-asserted-by":"crossref","unstructured":"Aickelin U, Greensmith J and Twycross J (2004) Immune system approaches to intrusion detection \u2013 a review. In: Proceedings ICARIS-2004, 3rd International Conference on Artificial Immune Systems, LNCS 3239, pp. 316\u2013329, Springer-Verlag, Catania, Italy","DOI":"10.1007\/978-3-540-30220-9_26"},{"key":"9026_CR8","doi-asserted-by":"crossref","unstructured":"Aickelin U, Bentley P, Cayzer S, Kim J and McLeod J (2003) Danger theory: The link between ais and ids. In: Proceedings of the Second International Conference on Artificial Immune Systems (ICARIS-03), pp. 147\u2013155","DOI":"10.1007\/978-3-540-45192-1_15"},{"key":"9026_CR9","doi-asserted-by":"crossref","unstructured":"Aickelin U and Cayzer S (2002) The danger theory and its application to ais. In: Timmis J and Bentley PJ (eds) Proceeding of the First International Conference on Artificial Immune System (ICARIS-2002), University of Kent at Canterbury, UK, September 2002, pp. 141\u2013148. University of Kent at Canterbury Printing Unit.","DOI":"10.2139\/ssrn.2832054"},{"key":"9026_CR10","unstructured":"Axelsson S (1999) Intrusion detection systems: a survey and taxonomy. Technical Report No 99\u201315, Chalmers University of Technology, Sweden"},{"key":"9026_CR11","unstructured":"Ayara M, Timmis J, de Lemos R, de Castro LN and Duncan R (2002) Negative selection: how to generate detectors. In: Timmis J and Bentley P (eds) Proceedings of the 1st International Conference on Artificial Immune Systems (ICARIS'-02), Cantebury, UK, September 2002, pp. 89\u201398"},{"key":"9026_CR12","unstructured":"Balthrop J (2004) Personal communication, November"},{"key":"9026_CR13","unstructured":"Balthrop J, Esponda F, Forrest S and Glickman M (2002) Coverage and generalization in an artificial immune system. In: Proceedings of GECCO, pp. 3\u201310"},{"key":"9026_CR14","doi-asserted-by":"crossref","unstructured":"Balthrop J, Forrest S and Glickman M (2002) Revisiting lisys: parameters and normal behaviour. Proceedings of the Congress on Evolutionary Computation, pp. 1045\u20131050","DOI":"10.1109\/CEC.2002.1004387"},{"key":"9026_CR15","doi-asserted-by":"crossref","unstructured":"Begnum K and Burgess M (2003) A scaled, immunological approach to anomaly countermeasures (combining ph with cfengine). Integrated Network Management, pp. 31\u201342","DOI":"10.1007\/978-0-387-35674-7_3"},{"key":"9026_CR16","doi-asserted-by":"crossref","unstructured":"Bentley P, Greensmith J and Ujin S (2005) Two ways to grow tissue for artificial immune systems. In: Jacob C, Pilat MJ, Bentley PJ and Timmis J (eds) Proceeding of the 4th International Conference on Artificial Immune Systems (ICARIS-2005), Vol. 3627, Lecture Notes in Computer Science, Banff, Alta., Canada, August 2005, pp. 139\u2013152. Springer","DOI":"10.1007\/11536444_11"},{"key":"9026_CR17","unstructured":"Blake CL and Merz CJ (1998) Uci repository of machine learning databases. http:\/\/www.ics.uci.edu\/mlearn\/MLRepository.htm.. Irvine, CA: University of California, Department of Information and Computer Science"},{"key":"9026_CR18","unstructured":"Le Boudec J and Sarafijanovic S (2003) An artificial immune system approach to misbehavior detection in mobile ad-hoc networks. Technical Report IC\/2003\/59, Ecole Polytechnique Federale de Lausanne"},{"key":"9026_CR19","doi-asserted-by":"crossref","unstructured":"Le Boudec J and Sarafijanovic S (2004) An artificial immune system approach to misbehavior detection in mobile ad-hoc networks. In: Proceedings of Bio-ADIT 2004 (The First International Workshop on Biologically Inspired Approaches to Advanced Information Technology), Lausanne, Switzerland, January 2004, pp. 96\u2013111","DOI":"10.1007\/978-3-540-27835-1_29"},{"key":"9026_CR20","unstructured":"Burgess M (1998) Computer immunology. In: Proceeding of the Systems Administration Conference (LISA-98), pp. 283\u2013297"},{"key":"9026_CR21","unstructured":"Burgess M (2000) Evaluating cfegine's immunity model of site maintenance. In: Proceeding of the 2nd SANE System Administration Conference (USENIX\/NLUUG)"},{"key":"9026_CR22","unstructured":"Burgess M (2001) Recent developments in cfengine. In: Proceedings of the 2nd Unix.nl Conference, Netherlands"},{"key":"9026_CR23","doi-asserted-by":"crossref","unstructured":"Burgess M (2002) Two dimensional time-series for anomaly detection and regulation in adaptive systems. In: Feridum M et\u00a0al. (eds) Proceedings of 13th IFIP\/IEEE International Workshop on Distributed System, Operations and Management (DSOM 2002), Vol. 2506, Lecture Notes in Computer Science, pp. 169\u2013180. Springer-Verlag","DOI":"10.1007\/3-540-36110-3_17"},{"key":"9026_CR24","doi-asserted-by":"publisher","first-page":"197","DOI":"10.1016\/j.scico.2003.12.004","volume":"51","author":"M Burgess","year":"2004","unstructured":"Burgess M (2004) Configurable immunity for evolving human-computer systems. Science of Computer Programming 51:197\u2013213","journal-title":"Science of Computer Programming"},{"key":"9026_CR25","first-page":"217","volume":"58","author":"M Burgess","year":"2004","unstructured":"Burgess M (2004) Principle components and importance ranking of distributed anomalies. Machine Learning 58: 217\u2013230","journal-title":"Machine Learning"},{"key":"9026_CR26","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1016\/j.scico.2005.06.001","volume":"60","author":"M Burgess","year":"2006","unstructured":"Burgess M (2006) Probabilistic anomaly detection in distributed computer networks. Science of Computer Programming 60: 1\u201326","journal-title":"Science of Computer Programming"},{"key":"9026_CR27","unstructured":"De Castro LN and Von Zuben FJ (2000) An evolutionary immune network for data clustering. In: Fran\u00e7a FMG and Ribeiro CHC (eds) Proceedings of 6th Brazilian Symposium on Neural Networks (SBRN 2000), pp. 84\u201389. IEEE Computer Society"},{"key":"9026_CR28","doi-asserted-by":"crossref","unstructured":"Dain O and Cunningham RK (2001) Fusing a hetrogenous alert stream into scenarios. In: ACM Workshop on Data Mining for Security Applications, pp. 1\u201313","DOI":"10.1007\/978-1-4615-0953-0_5"},{"key":"9026_CR29","unstructured":"Dasgupta D (1999) Immunity-based intrusion detection systems: a general framework. In: Proceeding of the 22nd National Information Systems Security Conference (NISSC), October 1999"},{"key":"9026_CR30","unstructured":"Dasgupta D and Brian H (2001) Mobile security agent for network traffic analysis. In: Proceeding of DARPA Information Survivability Conference and Exposition II (DISCEX-II), June 2001, Anaheium, CA"},{"issue":"3","key":"9026_CR31","doi-asserted-by":"publisher","first-page":"281","DOI":"10.1109\/TEVC.2002.1011541","volume":"6","author":"D Dasgupta","year":"2002","unstructured":"Dasgupta D, Gonzalez F (2002) An immunity-based technique to characterize intrusions in computer networks. IEEE Transactions on Evolutionary Computation 6(3):281\u2013291","journal-title":"IEEE Transactions on Evolutionary Computation"},{"key":"9026_CR32","unstructured":"de Castro L and Timmis J (2002) Artificial Immune Systems: A New Computational Intelligence Approach. Springer"},{"key":"9026_CR33","doi-asserted-by":"crossref","unstructured":"de Paula FS, de Castro LN and de Geus PL (2004) An intrusion detection system using ideas from the immune system. In: Proceeding of IEEE Congress on Evolutionary Computation (CEC-2004), Portland, OR, USA, June 2004, pp. 1059\u20131066","DOI":"10.1109\/CEC.2004.1330979"},{"key":"9026_CR34","doi-asserted-by":"crossref","unstructured":"Debar H, Becker M and Siboni D (1992) A neural network component for an intrusion detection system. In: SP '92: Proceedings of the 1992 IEEE Symposium on Security and Privacy, p. 240. IEEE Computer Society","DOI":"10.1109\/RISP.1992.213257"},{"key":"9026_CR35","doi-asserted-by":"crossref","first-page":"83","DOI":"10.1007\/BF02994844","volume":"55","author":"H Debar","year":"2000","unstructured":"Debar H, Dacier M, Wespi A (2000) A revised taxonomy of intrusion-detection systems. Annales des Telecommunications 55:83\u2013100","journal-title":"Annales des Telecommunications"},{"key":"9026_CR36","doi-asserted-by":"crossref","unstructured":"D'haeseleer P, Forrest S and Helman P (1996) An immunological approach to change detection: theoretical results. In: Proceedings of the 9th IEEE Computer Security Foundations Workshop, Washington, DC, USA, pp. 18\u201327. IEEE Computer Society","DOI":"10.1109\/CSFW.1996.503687"},{"key":"9026_CR37","doi-asserted-by":"crossref","unstructured":"D'haeseleer P, Forrest S and Helman P (1996) An immunology approach to change detection: algorithm, analysis and implications. In: Proceeding of 1996 IEEE Symposium on Computer Security and Privacy, Los Alamitos, CA, pp. 110\u2013119. IEEE Computer Society","DOI":"10.1109\/SECPRI.1996.502674"},{"key":"9026_CR38","doi-asserted-by":"crossref","unstructured":"Dozier G, Brown D, Hurley J and Cain K (2004) Vulnerability analysis of immunity-based intrusion detection systems using evolutionary hackers. In: Deb K et\u00a0al. (eds) Genetic and Evolutionary Computation \u2013 GECCO-2004, Part I, Vol. 3102, Lecture Notes in Computer Science, Seattle, WA, USA, 26\u201330 June 2004, pp. 263\u2013274. ISGEC, Springer-Verlag","DOI":"10.1007\/978-3-540-24854-5_28"},{"key":"9026_CR39","unstructured":"Ebner M, Breunig H and Albert J (2002) On the use of negative selection in an artificial immune system. In: Proceedings of GECCO-2002, New York, USA, July 2002, pp. 957\u2013964. Morgan Kaufmann"},{"key":"9026_CR40","doi-asserted-by":"publisher","first-page":"124","DOI":"10.1109\/4235.771166","volume":"3","author":"A Eiben","year":"1999","unstructured":"Eiben A, Hinterding R, Michalewicz Z (1999) Parameter control in evolutionary algorithms. IEEE Transactions on Evolutionary Computation 3:124\u2013141","journal-title":"IEEE Transactions on Evolutionary Computation"},{"key":"9026_CR41","doi-asserted-by":"crossref","unstructured":"Esponda F, Forrest S and Helman P (2003) The crossover closure and partial match detection. In: Timmis J, Bentley P and Hart E (eds) Proceedings of the 2nd International Conference on Artificial Immune Systems (ICARIS'-03), Vol. 2787, Lecture Notes in Computer Science, Edinburgh, UK, September 2003, pp. 249\u2013260. Springer-Verlag","DOI":"10.1007\/978-3-540-45192-1_24"},{"issue":"1","key":"9026_CR42","doi-asserted-by":"publisher","first-page":"357","DOI":"10.1109\/TSMCB.2003.817026","volume":"34","author":"F Esponda","year":"2004","unstructured":"Esponda F, Forrest S, Helman P (2004) A formal framework for positive and negative detection schemes. IEEE Transactions on Systems, Man, and Cybernetics Part B Cybernetics 34(1):357\u2013373","journal-title":"IEEE Transactions on Systems, Man, and Cybernetics Part B Cybernetics"},{"key":"9026_CR43","doi-asserted-by":"crossref","unstructured":"Fang L and Le-Ping L (2005) Unsupervised anomaly detection based on an evolutionary artificial immune network. In: Rothlauf F et\u00a0al. (eds) Proceeding of Applications of Evolutionary Computing, EvoWorkshops-2005, Vol. 3449, Lecture Notes in Computer Science, pp. 166\u2013174. Springer","DOI":"10.1007\/978-3-540-32003-6_17"},{"key":"9026_CR44","doi-asserted-by":"publisher","first-page":"187","DOI":"10.1016\/0167-2789(86)90240-X","volume":"22","author":"JD Farmer","year":"1986","unstructured":"Farmer JD, Packard NH, Perelson AS (1986) The immune system, adaptation and machine learning. Physica D 22:187\u2013204","journal-title":"Physica D"},{"key":"9026_CR45","doi-asserted-by":"crossref","unstructured":"Forrest S, Perelson AS, Allen L and Cherukuri R (1994) Self\u2013nonself discrimination in a computer. In: Proceedings of the 1994 IEEE Symposium on Security and Privacy, p. 202. IEEE Computer Society","DOI":"10.1109\/RISP.1994.296580"},{"issue":"2","key":"9026_CR46","doi-asserted-by":"publisher","first-page":"145","DOI":"10.1162\/1063656054088512","volume":"13","author":"SM Garrett","year":"2005","unstructured":"Garrett SM (2005) How do we evaluate artificial immune systems?. Evolutionary Computation, 13(2):145\u2013178","journal-title":"Evolutionary Computation,"},{"issue":"2","key":"9026_CR47","doi-asserted-by":"publisher","first-page":"179","DOI":"10.1162\/1063656054088503","volume":"13","author":"M Glickman","year":"2005","unstructured":"Glickman M, Balthrop J, Forrest S (2005) A machine learning evaluation of an artificial immune system. Evolutionary Computation 13(2):179\u2013212","journal-title":"Evolutionary Computation"},{"key":"9026_CR48","unstructured":"Goldsby RA, Kindt TJ, Osborne BA, and Freeman WH (2002) Kubi Immunology. W.H. Freeman and Co., 5th ed"},{"key":"9026_CR49","doi-asserted-by":"crossref","unstructured":"Gomez J, Gonzalez F and Dasgupta D (2003) An immuno-fuzzy approach to anomaly detection. In: Proceedings of the 12th IEEE International Conference on Fuzzy Systems (FUZZIEEE), Vol. 2, May 2003, pp. 1219\u20131224","DOI":"10.1109\/FUZZ.2003.1206605"},{"key":"9026_CR50","unstructured":"Gonzalez F (2003) A study of artificial immune systems applied to anomaly detection. PhD thesis, The University of Memphis, May 2003"},{"key":"9026_CR51","doi-asserted-by":"crossref","unstructured":"Gonzalez F, Dagupta D and Gomez J (2003) The effect of binary matching rules in negative selection. In: Proceedings of the Genetic and Evolutionary Computation Conference (GECCO)-2003, Vol. 2723, Lecture Notes in Computer Science, July 2003, pp. 198\u2013209. Springer-Verlag","DOI":"10.1007\/3-540-45105-6_25"},{"key":"9026_CR52","unstructured":"Gonzalez F, Dagupta D and Nino LF (2003) A randomized real-valued negative selection algorithm. In: Timmis J, Bentley P and Hart E (eds) Proceedings of the 2nd International Conference on Artificial Immune Systems (ICARIS-2003), Vol. 2787, Lecture Notes in Comupter Science, Edinburgh, UK, September 2003, pp. 261\u2013272. Springer"},{"key":"#cr-split#-9026_CR53.1","unstructured":"Gonzalez F, Dasgupta D and Kozma R (2002) Combining negative selection and classification techniques for anomaly detection. In: IEEE"},{"key":"#cr-split#-9026_CR53.2","unstructured":"(ed) Proceedings of the Congress on Evolutionary Computation (CEC-2002), Honolulu, HI, May 2002, pp. 705-710"},{"key":"9026_CR54","unstructured":"Gonzalez F and Dasgupta D (2002) An imunogenetic technique to detect anomalies in network traffic. In: Proceedings of the Genetic and Evolutionary Computation Conference (GECCO), New York, July 2002, pp. 1081\u20131088. Morgan Kaufmann"},{"key":"9026_CR55","doi-asserted-by":"publisher","first-page":"383","DOI":"10.1023\/A:1026195112518","volume":"4","author":"F Gonzalez","year":"2003","unstructured":"Gonzalez F, Dasgupta D (2003) Anomaly detection using real-valued negative selection. Journal of Genetic Programming and Evolvable Machines 4:383\u2013403","journal-title":"Journal of Genetic Programming and Evolvable Machines"},{"key":"9026_CR56","doi-asserted-by":"crossref","unstructured":"Gonzalez FA, Galeano JC, Rojas DA and Veloza-Suan A (2005) Discriminating and visualizing anomalies using negative selection and self-organizing maps. In: Beyer H-G et\u00a0al. (eds) GECCO 2005: Proceedings of the 2005 Conference on Genetic and Evolutionary Computation, Vol. 1, Washington DC, USA, 25\u201329, June 2005, pp. 297\u2013304. ACM SIGEVO (formerly ISGEC), ACM Press","DOI":"10.1145\/1068009.1068058"},{"key":"9026_CR57","doi-asserted-by":"crossref","unstructured":"Gonzalez LJ and Cannady J (2004) A self-adaptive negative selection approach for anomaly detection. In: Proceedings of the 2004 Congress of Evolutionary Computation (CEC-2004), pp. 1561\u20131568. IEEE Computer Society","DOI":"10.1109\/CEC.2004.1331082"},{"key":"9026_CR58","doi-asserted-by":"crossref","unstructured":"Greensmith J, Aickelin U and Cayzer S (2005) Introducing dendritic cells as a novel immune inspired algorithm for anomaly detection. In: Jacob C, Pilat MJ, Bentley PJ and Timmis J (eds) Proceeding of the 4th International Conference on Artificial Immune Systems (ICARIS-2005), Vol. 3627, Lecture Notes in Computer Science, Banff, Alberta, Canada, August 2005, pp. 153\u2013167. Springer","DOI":"10.1007\/11536444_12"},{"key":"9026_CR59","doi-asserted-by":"crossref","unstructured":"Hang X and Dai H (2004) Constructing detectors in schema complementary spce for anomaly detection. In: Deb K et\u00a0al. (eds) Proceedings of GECCO'2004, Vol. 3102, Lecture Notes in Computer Science, pp. 275\u2013286. Springer-Verlag","DOI":"10.1007\/978-3-540-24854-5_29"},{"key":"9026_CR60","doi-asserted-by":"crossref","unstructured":"Hang X and Dai H (2005) Applying both positive and negative selection to supervised learning for anomaly detection. In: Beyer H-G et\u00a0al. (eds) GECCO 2005: Proceedings of the 2005 Conference on Genetic and Evolutionary Computation, Vol. 1, Washington DC, USA, 25\u201329 June 2005, pp. 345\u2013352. ACM SIGEVO (formerly ISGEC), ACM Press","DOI":"10.1145\/1068009.1068064"},{"issue":"3","key":"9026_CR61","doi-asserted-by":"publisher","first-page":"252","DOI":"10.1109\/TEVC.2002.1011540","volume":"6","author":"PK Harmer","year":"2002","unstructured":"Harmer PK, Williams PD, Gunsch GH, Lamont GB (2002) An artificial immune system architecture for computer security applications. IEEE Transactions on Evolutionary Computation 6(3):252\u2013280","journal-title":"IEEE Transactions on Evolutionary Computation"},{"key":"9026_CR62","unstructured":"Hofmeyr S (1999) An immunological model of distributed detection and its application to computer security. PhD thesis, University Of New Mexico"},{"key":"9026_CR63","doi-asserted-by":"crossref","first-page":"151","DOI":"10.3233\/JCS-980109","volume":"6","author":"S Hofmeyr","year":"1998","unstructured":"Hofmeyr S, Forrest S (1998) Intrusion detection using sequences of system calls. Journal of Computer Security 6:151\u2013180","journal-title":"Journal of Computer Security"},{"key":"9026_CR64","unstructured":"Hofmeyr S and Forrest S (1999) Immunity by design. Proceedings of GECCO, pp. 1289\u20131296"},{"issue":"1","key":"9026_CR65","first-page":"45","volume":"7","author":"S Hofmeyr","year":"2000","unstructured":"Hofmeyr S, Forrest S (2000) Architecture for an artificial immune system. Evolutionary Computation 7(1):45\u201368","journal-title":"Evolutionary Computation"},{"key":"9026_CR66","unstructured":"Holland JH (1995) Hidden Order. Addisson Wesley"},{"key":"9026_CR67","doi-asserted-by":"crossref","unstructured":"Hortos WS (2003) An artificial immune system for securing mobile ad hoc networks against intrusion attacks. In: Priddy KL and Angeline PJ (eds) Proceeding of SPIE, Vol. 5103, Intelligent Computing: Theory and Applications, pp. 74\u201391","DOI":"10.1117\/12.488273"},{"key":"9026_CR68","doi-asserted-by":"crossref","unstructured":"Hou H and Dozier G (2005) Immunity-based intrusion detection system design, vulnerability analysis, and the genertia genetic arms race. In: Haddad H et\u00a0al. (eds) Proceedings of the 2005 ACM Symposium on Applied Computing, Santa Fe, New Mexico, 13\u201317 March 2005, pp. 961\u2013965. ACM Press","DOI":"10.1145\/1066677.1066895"},{"key":"9026_CR69","unstructured":"Jackson K, DuBois D and Stallings C (1994) The nides statistical component description and justification Technical Report Annual Report, A010, Computer Science Laboratory, SRI International, Menlo Park, CA, March 1994"},{"key":"9026_CR70","unstructured":"Jerne NK (1974) Towards a network theory of the immune system. Annals of Immunology"},{"key":"9026_CR71","unstructured":"Ji Z and Dasgupta D (2004) Augmented negative selection algorithm with variable-coverage detectors. In: Proceedings of Congress on Evolutionary Computation (CEC-04), Portland, Oregon (U.S.A.), June 2004, pp. 1081\u20131088"},{"key":"9026_CR72","doi-asserted-by":"crossref","unstructured":"Ji Z and Dasgupta D (2004) Real-valued negative selection using variable-sized detectors. In: Deb K et\u00a0al. (eds) Proceeding of Genetic and Evolutionary Computation Conference (GECCO-2004), Lecture Notes in Computer Science, Seattle, WA, June 2004, pp. 287\u2013298. Springer-Verlag","DOI":"10.1007\/978-3-540-24854-5_30"},{"key":"9026_CR73","doi-asserted-by":"crossref","unstructured":"Ji Z and Dasgupta D (2005) Estimating the detector coverage in a negative selection algorithm. In: Beyer H-G et\u00a0al. (eds) GECCO 2005: Proceedings of the 2005 Conference on Genetic and Evolutionary Computation, Vol. 1, Washington, DC, USA, 25\u201329 June 2005, pp. 281\u2013288. ACM SIGEVO (formerly ISGEC), ACM Press","DOI":"10.1145\/1068009.1068056"},{"key":"9026_CR74","unstructured":"Trapnell BC Jr (2005) A peer-to-peer blacklisting strategy inspired by leukocyte-endothelium interaction. In: Jacob C, Pilat ML, Bentley PJ and Timmis J (eds) Proceedings of the 4th International Conference on Artificial Immune Systems-2005, Vol. 3627, Lecture Notes in Computer Science, Banff, Alta., Canada, August 2005, pp. 362\u2013373. Springer"},{"key":"9026_CR75","doi-asserted-by":"crossref","unstructured":"Kaers J, Wheeler R and Verrelst H (2003) The effect of antibody morphology on non-self detection. In: Timmis J, Bentley P and Verrelst H (eds) Proceedings of the 2nd International Conference on Artificial Immune Systems (ICARIS-03), Vol. 2787, Lecture Notes on Computer Science, Edinburgh, UK, September 2003, pp. 285\u2013295. Springer-Verlag","DOI":"10.1007\/978-3-540-45192-1_27"},{"key":"9026_CR76","doi-asserted-by":"crossref","unstructured":"Kephart J (1994) A biologically inspired immune system for computers. In: Proceedings of the Fourth International Workshop on Synthesis and Simulatoin of Living Systems, Artificial Life IV, pp. 130\u2013139","DOI":"10.7551\/mitpress\/1428.003.0017"},{"key":"9026_CR77","unstructured":"Kephart JO, Sorkin GB, Arnold WC, Chess DM, Teasuro GJ and White SR (1997) Biologically Inspired Defences against Computer Viruses, pp. 313\u2013334. Machie Learning and Data Mining: Method and Applications. John-Wiley & Son"},{"key":"9026_CR78","doi-asserted-by":"crossref","unstructured":"Kephart JO, Sorkin GB, Swimmer M and White SR (1998) Blueprint for a Computer Immune System, pp. 241\u2013261. Artificial Immune Systems and Their Applications. Springer-Verlag","DOI":"10.1007\/978-3-642-59901-9_13"},{"key":"9026_CR79","unstructured":"Kim G and Spafford EH (1993) The design of a system integrity monitor: Tripwire. Technical Report, Department of Computer Sciences, Purdue University (CSD-TR- 93\u2013071)"},{"key":"9026_CR80","unstructured":"Kim J and Bentley P (1999) The artificial immune model for network intrusion detection. In: Proceeding of European Congress on Intelligent Techniques and Soft Computing (EUFIT '99), Aachen, Germany, September 1999"},{"key":"9026_CR81","unstructured":"Kim J and Bentley P (1999) The human immune system and network intrusion detection. In: Proceeding of European Congress on Intelligent Techniques and Soft Computing (EUFIT '99), Aachen, Germany, September 1999"},{"key":"9026_CR82","unstructured":"Kim J and Bentley P (2001) Evaluating negative selection in an artificial immune system for network intrusion detection. In: Proceedings of GECCO, July 2001, pp. 1330\u20131337"},{"key":"9026_CR83","unstructured":"Kim J and Bentley P (2002) Towards an artificial immune system for network intrusion detection: an investigation of dynamic clonal selection. In: Proceeding of the Congress on Evolutionary Computation (CEC-2002), Honolulu, Hawaii, May 2002, pp. 1015\u20131020"},{"issue":"4","key":"9026_CR84","doi-asserted-by":"publisher","first-page":"361","DOI":"10.1023\/B:GENP.0000036019.81454.41","volume":"5","author":"J Kim","year":"2004","unstructured":"Kim J, Bentley P (2004) Immune memory and gene library evolution in the dynamical clonal selection algorithm. Journal of Genetic Programming and Evolvable Machines 5(4):361\u2013391","journal-title":"Journal of Genetic Programming and Evolvable Machines"},{"key":"9026_CR85","unstructured":"Kim J and Bentley PJ (2001) Towards an artificial immune system for network intrusion detection: an investigation of clonal selection with a negative selection operator. In: Proceeding of the Congress on Evolutionary Computation (CEC- 2001), Seoul, Korea, pp. 1244\u20131252"},{"key":"9026_CR86","doi-asserted-by":"crossref","unstructured":"Kim J, Greensmith J, Twycross J and Aickelin U (2005) Malicious code execution detection and response immune system inspired by the danger theory. Adaptive and Resilient Computing Security Workshop (ARCS-05), November 2005","DOI":"10.2139\/ssrn.2832006"},{"key":"9026_CR87","doi-asserted-by":"crossref","unstructured":"Kim J, Wilson W, Aickelin U and McLeod J (2005) Cooperative automated worm response and detection immune algorithm (cardinal) inspidred by t-cell immunity and tolerance. In: Jacob C, Pilat MJ, Bentley PJ and Timmis J (eds) Proceeding of the 4th National Conference on Artificial Immune Systems (ICARIS-2005), Vol. 3627, Lecture Notes in Computer Science, Banff, Alta., Canada, August 2005, pp. 168\u2013181. Springer","DOI":"10.1007\/11536444_13"},{"key":"9026_CR88","unstructured":"Kim JW (2002) Integrating Artificial Immune Algorithms for Intrusion Detection. PhD thesis, University College London"},{"key":"9026_CR89","unstructured":"Lincoln Labs (1999) dataset. MIT Lincoln Labs"},{"key":"9026_CR90","unstructured":"Lamont GB, Marmelstein RE and Van Veldhuizen DA (1999) A Distributed Architecture for a Self-Adaptive Computer Virus Immune System, pp. 167\u2013183. New Ideas in Optimization, Advanced Topics in Computer Science Series. McGrow-Hill, London"},{"key":"9026_CR91","unstructured":"Leach J and Tedesco G (2003) Firestorm network intrusion detection system. Firestorm Documentation"},{"key":"9026_CR92","unstructured":"Lundin E and Jonsson E (2002) Survey of research in the intrusion detection area. Technical Report 02\u201304, Department of Computer Engineering, Chalmers University of Technology, Goteborg, Sweden, January 2002"},{"key":"9026_CR93","doi-asserted-by":"crossref","first-page":"991","DOI":"10.1146\/annurev.iy.12.040194.005015","volume":"12","author":"P Matzinger","year":"1994","unstructured":"Matzinger P (1994) Tolerance, danger, and the extended family. Annual Review of Immunology 12:991\u20131045","journal-title":"Annual Review of Immunology"},{"key":"9026_CR94","doi-asserted-by":"crossref","unstructured":"Melnikov Y and Tarakanov AO (2003) Immunocomputing model of intrusion detection. In: Computer Network Security, Second International Workshop on Mathematical Methods, Models, and Architectures for Computer Network Security, MMM-ACNS 2003, St. Petersburg, Russia, 21\u201323 September 2003, Proceedings, pp. 453\u2013456","DOI":"10.1007\/978-3-540-45215-7_44"},{"key":"9026_CR95","unstructured":"Ning P, Xu D, Healey CG and Amant RS (2004) Building attack scenarios through integration of complementary alert correlation method. In: NDSS"},{"key":"9026_CR96","unstructured":"NIST (2001) Intrusion detection systems. NIST Computer Science Special Reports SP 800\u201331, November 2001"},{"key":"9026_CR97","unstructured":"Northcutt S and Novak J (2003) Network Intrusion Detection. New Riders, 3rd ed"},{"key":"9026_CR98","unstructured":"Nessus Project. http:\/\/www.nessus.org"},{"key":"9026_CR99","unstructured":"Roesch M and Green C (2003) Snort users manual snort release: 2.0.1. Snort Documentation"},{"key":"9026_CR100","unstructured":"Sarafijanovic S and Le Boudec J (2003) An artificial immune system approach with secondary response for misbehavior detection in mobile ad-hoc networks. Technical Report IC\/2003\/65, Ecole Polytechnique Federale de Lausanne"},{"key":"9026_CR101","doi-asserted-by":"crossref","unstructured":"Sarafijanovic S and Le Boudec J (2004) An artificial immune system for misbehavior detection in mobile ad-hoc networks with virtual thymus, clustering, danger signal and memory detectors. In: Proceedings of the 3rd International Conference on Artificial Immune Systems (ICARIS'-04), Catania, Italy, September 2004, pp. 342\u2013356","DOI":"10.1007\/978-3-540-30220-9_28"},{"key":"9026_CR102","doi-asserted-by":"crossref","unstructured":"Shapiro JM, Lamont GB and Peterson GL (2005) An evolutionary algorithm to generate hyper-ellipsoid detectors for negative selection. In: Beyer H-G et\u00a0al. (eds) GECCO 2005: Proceedings of the 2005 Conference on Genetic and Evolutionary Computation, Vol. 1, Washington, DC, USA, 25\u201329 June 2005, pp. 337\u2013344. ACM SIGEVO (formerly ISGEC), ACM Press","DOI":"10.1145\/1068009.1068063"},{"key":"9026_CR103","unstructured":"Singh S (2002) Anomaly detection using negative selection based on the r-contiguous matching rule. In: Timmis J and Bentley PJ (eds) Proceedings of the 1st International Conference on Artificial Immune Systems (ICARIS'-02), Canterbury, UK, September 2002, pp. 99\u2013106"},{"issue":"2","key":"9026_CR104","doi-asserted-by":"crossref","first-page":"127","DOI":"10.1162\/evco.1993.1.2.127","volume":"1","author":"RE Smith","year":"1993","unstructured":"Smith RE, Forrest S, Perelson AS (1993) Searching for diverse, cooperative population with genetic algorithms. Evolutionary Computation 1(2):127\u2013149","journal-title":"Evolutionary Computation"},{"key":"9026_CR105","unstructured":"Somayaji A, Forrest S, Hofmeyr S, and Longstaff T (1996) A sense of self for unix processes. IEEE Symposium on Security and Privacy, pp. 120\u2013128"},{"key":"9026_CR106","doi-asserted-by":"crossref","unstructured":"Somayaji A, Hofmeyr S and Forrest S (1997) Principles of a computer immune system. In: Proceeding of New Security Workshop, Langdale, Cumbria, pp. 75\u201382","DOI":"10.1145\/283699.283742"},{"key":"9026_CR107","unstructured":"Somayaji AB (2002) Operating system stability and security through process homeostasis. PhD thesis, University Of New Mexico"},{"issue":"1\u20132","key":"9026_CR108","doi-asserted-by":"crossref","first-page":"105","DOI":"10.3233\/JCS-2002-101-205","volume":"10","author":"S Staniford","year":"2002","unstructured":"Staniford S, Hoagland J, McAlerney J (2002) Practical automated detection of stealthy portscans. Journal of Computer Security 10(1\u20132):105\u2013126","journal-title":"Journal of Computer Security"},{"key":"9026_CR109","doi-asserted-by":"crossref","unstructured":"Stibor T, Bayarou KM and Eckert C (2004) An investigation of r-chunk detector generation on higher alphabets. In: Deb K et\u00a0al. (eds) Proceedings of GECCO' 2004, Vol. 3102, Lecture Notes in Computer Science, pp. 299\u2013307","DOI":"10.1007\/978-3-540-24854-5_31"},{"key":"9026_CR110","doi-asserted-by":"crossref","unstructured":"Stibor T, Mohr P, Timmis J and Eckert C (2005) Is negative selection appropriate for anomaly detection? In: Beyer H-G et\u00a0al. (eds) GECCO 2005: Proceedings of the 2005 Conference on Genetic and Evolutionary Computation, Vol. 1, Washington, DC, USA, 25\u201329 June 2005, pp. 321\u2013328. ACM SIGEVO (formerly ISGEC), ACM Press","DOI":"10.1145\/1068009.1068061"},{"key":"9026_CR111","doi-asserted-by":"crossref","unstructured":"Stibor T, Timmis J and Eckert C (2005) A comparative study of real-valued negative selection to statistical anomaly detection techniques. In: Jacob C, Pilat MJ, Bentley PJ and Timmis J (eds) Proceedings of the 4th International Conference on Artificial Immune Systems (ICARIS-2005), Vol. 3627, Lecture Notes in Computer Science, Banff, Alta., Canada, August 2005, pp. 262\u2013275. Springer","DOI":"10.1007\/11536444_20"},{"key":"9026_CR112","doi-asserted-by":"crossref","unstructured":"Stibor T, Timmis J and Eckert C (2005) On the appropriateness of negative selection defined over hamming shape-space as a network intrusion detection system. In: Proceedings of the Congress on Evolutionary Computation (CEC-2005), Edinburgh, UK, September 2005, pp. 995\u20131002. IEEE Press","DOI":"10.1109\/CEC.2005.1554799"},{"issue":"7","key":"9026_CR113","doi-asserted-by":"publisher","first-page":"62","DOI":"10.1145\/306549.306577","volume":"42","author":"M Stillerman","year":"1999","unstructured":"Stillerman M, Marceau C, Stillman M (1999) Intrusion detection for distributed application. Communications of the ACM 42(7):62\u201369","journal-title":"Communications of the ACM"},{"key":"9026_CR114","unstructured":"Twycross J and Aickelin U (2005) Towards a conceptual framework for innate immunity. In: Jacob C, Pilat MJ, Bentley PJ and Timmis J (eds) Proceeding of the 4th International Conference on Artificial Immune Systems (ICARIS-2005), Vol. 3627, Lecture Notes in Computer Science, Banff, Alta., Canada, August 2005, pp. 112\u2013125. Springer"},{"key":"9026_CR115","doi-asserted-by":"crossref","unstructured":"Valdes A and SkinnerK (2001) Probabilistic alert correlation. In: RAID '00: Proceedings of the 4th International Symposium on Recent Advances in Intrusion Detection, pp. 54\u201368. Springer-Verlag","DOI":"10.1007\/3-540-45474-8_4"},{"key":"9026_CR116","unstructured":"White SR, Swimmer M, Pring EJ, Arnold WC, Chess DM and Morar JF (2000) Anatomy of a commercial-grade immune system. http:\/\/www.research.ibm.com\/ antivirus\/SciPapers.htm"},{"issue":"3","key":"9026_CR117","first-page":"1","volume":"1","author":"ST Wierzchon","year":"2000","unstructured":"Wierzchon ST (2000) Discriminative power of the receptors activated by k-contigous bits rule. Journal of Computer Science and Technology, Special Issue on Research in Computer Science 1(3):1\u201313","journal-title":"Journal of Computer Science and Technology, Special Issue on Research in Computer Science"},{"key":"9026_CR118","doi-asserted-by":"crossref","unstructured":"Wierzchon ST (2000) Generating Optimal Repertoire of Antibody Strings in an Artificial Immune System, pp. 119\u2013133. Intelligent Information Systems, Advances in Soft Computing Series of Physica-Verlag. Physica-Verlag, Heidelberg, New York","DOI":"10.1007\/978-3-7908-1846-8_12"},{"key":"9026_CR119","unstructured":"Wierzchon ST (2001) Deriving a Concise Description of Non-Self Pattern in an Artificial Immune System, pp. 438\u2013458. New Learning Paradigm in Soft Computing. Physica-Verlag, Heidelberg, New York"},{"key":"9026_CR120","doi-asserted-by":"crossref","unstructured":"Xie Y, Kim H, O'Hallaron DR, Reiter MlK, Zhang H (2004) Seurat: a pointillist approach to anomaly detection. In: RAID, pp. 238\u2013257","DOI":"10.1007\/978-3-540-30143-1_13"},{"key":"9026_CR121","doi-asserted-by":"crossref","unstructured":"Zeng X, Bagrodia R and Gerla M (1998) Glomosim: a library for parallel simulation of large scale wireless networks. In: Proceedings of the 12th Workshop on Parallel and Distributed Simulations (PDAS' 98), Banff, Alberta, Canada, May 1998","DOI":"10.1145\/278009.278027"}],"container-title":["Natural Computing"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11047-006-9026-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s11047-006-9026-4\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11047-006-9026-4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11047-006-9026-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,1,12]],"date-time":"2025-01-12T22:28:26Z","timestamp":1736720906000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s11047-006-9026-4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2007,1,12]]},"references-count":122,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2007,12]]}},"alternative-id":["9026"],"URL":"https:\/\/doi.org\/10.1007\/s11047-006-9026-4","relation":{},"ISSN":["1567-7818","1572-9796"],"issn-type":[{"value":"1567-7818","type":"print"},{"value":"1572-9796","type":"electronic"}],"subject":[],"published":{"date-parts":[[2007,1,12]]},"assertion":[{"value":"31 May 2006","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"12 October 2006","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"12 January 2007","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}