Information Technology Reference
In-Depth Information
highest achievable performance for a large class of real-time floating-point
applications and 2) the availability of rather advanced software tools for
implementation of the developed algorithms.
According to our preliminary experiments, the TigerSHARC evaluation board EZ-
KIT (ADSP-TS101S 250 MHz) works by 35 times faster than PC (Intel Celeron 400
MHz) while implementing an IC algorithm of recognition of results in immunoassay-
based diagnostic arrays [18]. However, main advantage of the TigerSHARC
implementation of the immunochip for on-line intrusion detection can be previewed
in extracting of the recognizing pattern (network connection record) from the input
flow (network traffic).
8 Conclusion
According to test results, SFIN reduces the storing patterns by 63.6 times using
Apoptosis and Immunization without any loss of accuracy of recognition. Although
this increases the training time (from 8 seconds to 1.5 minutes for AMD Athlon 1.53
GHz), nevertheless, more important is the decrease of the recognition time at least by
60 times per pattern (by decreasing number of the stored cells of SFIN to be
compared with recognizing pattern).
It is also worth noting that so good performance of SFIN (error-free recognition
with rather low training time) on the data of real-life dimension looks unobtainable
for main competitors in the field of computational intelligence [7] like artificial neural
networks (ANN) [5] and genetic algorithms (GA) [3]. According to our comparison in
[20] and [21], SFIN trains by at least 40 times faster and recognizes by at least 2 times
correctly than ANN and GA on the tasks of environmental monitoring and laser
physics. These tasks have rather low dimension: 17×23×6 for ecological atlas and
19×5 for laser diode. However, the drawbacks of ANN and GA seem especially
inadmissible for the task of intrusion detection with rather high dimension: 51608×41
and more.
The obtained results also show that the developing approach can successfully be
applied to on-line intrusion detection in a typical US Air Force LAN (as simulated by
the data of UCI KDD archive).
Acknowledgement
This work is supported by EOARD under project # 017007 "Development of
mathematical models of immune networks intended for information security
assurance".
References
1.
Bay, S.D.: The UCI KDD Archive [http://kdd.ics.uci.edu]. Irvine, CA: University of
California, Dept. of Information and Computer Science (1999)
2.
de Boer, R.J., Segel, L.A., Perelson, A.S.: Pattern formation in one and two-dimensional
shape space models of the immune system. J. Theoret. Biol. 155 (1992) 295-333
