Anomaly detection protocol with negative selection module and machine learning rules

Today, the interest in artificial immune systems has increased many times, as the immune system can solve a large number of problems in the field of computer security. In this article the statistical model of intrusion detection system based on artificial immune system is considered, the sets of detectors in the model are selected on the basis of packet headers. Based on the test results, methods for improving the intrusion detection system are proposed and implemented. The article combines the theory of negative selection and the rules of machine learning in order to propose a new intrusion detection system. To generate detectors, a set of basic rules is developed, using software for data analysis and machine learning, and then new detectors are generated and detailed, inside the negative selection module. During testing the proposed model, using the DARPA1999 data set, the model showed good performance compared to the previous models.