Principles of a Computer Immune System. Anil Somayaji, Steven Hofmeyr, & Stephanie Forrest. Presented by: Jesus Morales.

Presentation transcript:

1 Principles of a Computer Immune System Anil Somayaji, Steven Hofmeyr, & Stephanie Forrest Presented by: Jesus Morales

2 Introduction
- Written in 1997
- Introduces biological approaches to computer security
- The problem:
  - Computer systems are plagued by security vulnerabilities
  - We’ve seen many: buffer overflows, viruses, denial of service attacks and so on
- Need a new approach to computer security

3 Traditional approach
- Good in theory, not in practice
- Computer systems are dynamic: system state changes continuously
- Formal verification of a dynamic system is impractical
- Security policy flaws + implementation flaws + configuration flaws = imperfect security

4 Biological approach
- Dealing with an imperfect, uncontrolled and open environment
- Similar to the environment the human body has to deal with
- Look at the human immune system as a model

5 The immune system (IMS)
- Protects the body
  - Vastly more complicated than any computer system
- Constantly under attack
  - Parasites, bacteria, viruses
- Highly effective
  - We’re healthy most of the time
  - Works autonomously
- If IMS were at the same technical state as computer security systems, we’d be extinct

6 IMS: Pattern recognition: self vs. nonself
- IMS must distinguish molecules and cells of the body (self) from extraneous ones (nonself)
  - Huge problem:
    - 10^5 different types of self
    - 10^16 different types of nonself (estimate)
- Human genome contains about 10^5 genes

7 IMS: multilayered architecture
- 1st layer: skin and physiological conditions (pH, temperature)
- 2nd layer: innate IMS (scavenger cells clean pathogens and debris)
- 3rd layer: adaptive IMS (acquired immune response)

8 IMS: adaptive immune system
- Primarily white blood cells (lymphocytes)
- Circulate in the blood and lymph systems
- Negative detectors
- Detection by molecular bonds
  - Detection is approximate

9 IMS: adaptive immune system (cont.)
- Problem: how to avoid autoimmune disorders?
  - Lymphocytes are self-tolerant
  - Clonal deletion process
- Problem: how to recognize the potentially huge number of pathogens?
  - Genetic process: generate lymphocytes randomly
  - 10^8 lymphocyte receptors vs. 10^16 potential foreign patterns
- Constant lymphocyte turnover (short-lived: few days)
- Learning and memory
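The mechanism on slides 8 and 9, as an added example that is not from the paper or the presentation: detectors are generated at random, candidates that match self are deleted, and the survivors flag nonself by approximate matching. The 16-bit strings, the "agree on r contiguous positions" matching rule with r = 8, the constructed self set and all function names are assumptions chosen for the illustration.

```python
import random

L, R = 16, 8  # assumed string length and match threshold (not from the slides)

# Constructed "self" patterns standing in for normal system state.
SELF = ["0000111100001111", "1010101010101010",
        "1111000011110000", "0011001100110011"]

def matches(detector, sample, r=R):
    """Approximate detection: agree on at least r contiguous positions."""
    run = 0
    for a, b in zip(detector, sample):
        run = run + 1 if a == b else 0
        if run >= r:
            return True
    return False

def generate_detectors(self_set, count, rng, max_tries=100_000):
    """Random generation, then clonal deletion of self-reactive candidates."""
    detectors = []
    for _ in range(max_tries):
        if len(detectors) == count:
            break
        cand = "".join(rng.choice("01") for _ in range(L))
        if not any(matches(cand, s) for s in self_set):
            detectors.append(cand)  # self-tolerant, so it is released
    return detectors

def is_nonself(sample, detectors):
    """Negative detection: any detector that binds marks the sample as nonself."""
    return any(matches(d, sample) for d in detectors)

def coverage(detectors, samples):
    """Fraction of samples flagged; imperfect by design."""
    return sum(is_nonself(s, detectors) for s in samples) / len(samples)

if __name__ == "__main__":
    rng = random.Random(1997)
    dets = generate_detectors(SELF, 200, rng)
    probes = ["".join(rng.choice("01") for _ in range(L)) for _ in range(500)]
    print("self flagged:", [is_nonself(s, dets) for s in SELF])
    print("coverage of random strings: %.2f" % coverage(dets, probes))
```

Because every detector was checked against self before release, a self string can never be flagged, while 200 approximate detectors cover most of the 2^16 possible strings without enumerating them.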

10 IMS: adaptive immune system (cont.)
- IMS response to viruses
- Result: immune memory

11 IMS: diversity
- Immune system is diverse across a population
- Each individual has a unique immune system
- Different lymphocyte population = different detector set
- Different Major-Histocompatibility Complex (MHC) (genetically determined)

12 Organizing Principles
- Can’t really implement the same IMS in a computer system
- We can derive a set of guiding principles
- Distributability: Immune system detectors are able to determine locally the presence of an infection. No central coordination takes place, which means there is no single point of failure.
- Multi-layered: Multiple layers of different mechanisms are combined to provide high overall security.

13 Organizing Principles (cont.)
- Diversity: By making systems diverse, security vulnerabilities in one system are less likely to be widespread.
  - Diverse protection systems, or
  - Diverse protected systems
- Disposability: No single component in the system is essential.
- Adaptability:
  - Learn to detect new intrusions
  - Ability to recognize signatures of previously seen attacks
- No secure layer:
  - Any cell can be attacked by a pathogen, including those of the immune system itself.
  - Mutual protection among immune system components replaces dependence on a secure underlying layer.

14 Organizing Principles (cont.)
- Dynamically changing coverage:
  - Space/time tradeoff
  - Can’t maintain a set of detectors large enough
  - Use randomness and replacement
- Identity via behavior:
  - IMS uses proteins (peptides) as behavior indicators: “running code” of the body
  - Computer analog: short sequences of system calls
- Anomaly detection:
  - The ability to detect intrusions or violations that are not already known is an important feature of any security system.

15 Organizing Principles (cont.)
- Imperfect detection:
  - Accepting imperfect detection increases the flexibility to allocate resources.
  - Example: less specific detectors respond to a wider variety of patterns but are less efficient at detecting a specific pathogen.
- The numbers game:
  - The immune system replicates detectors to counteract replicating
  - Computers are subject to a similar numbers game:
    - hackers freely trading exploit scripts on the Internet
    - denial-of-service attacks
    - computer viruses
  - Pathogens in the computer security world are playing the numbers game; traditional defense systems, however, are not.

16 Possible Architectures
- Protecting static data
  - Self: uncorrupted data
  - Nonself: any change in self
  - Change detection algorithms
- Protecting active processes on a single host
  - Self: normal behavior
  - Nonself: abnormal behavior
  - View each active process as a cell
  - Passwords, group/file permissions as skin
  - Adaptive immune layer: rotating “lymphocyte” processes query other processes looking for behavior anomalies
    - If anomaly is detected: slow, suspend, or kill process
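The single-host architecture on slide 16 combined with the "identity via behavior" principle from slide 14, as an added example that is not from the paper or the presentation: normal behavior is stored as the set of short system call sequences seen in normal runs, and a monitored run is scored by the fraction of its sequences missing from that set. The window length of 3, the response thresholds, the constructed traces and all names are assumptions.

```python
K = 3  # assumed window length (the slides only say "short sequences")

# Constructed traces of one program's normal runs (this is "self").
NORMAL = [
    "open read mmap read write close".split(),
    "open read write close".split(),
    "open mmap read write close".split(),
]
# Constructed run in which the process unexpectedly starts a program
# and opens a socket.
SUSPECT = "open read mmap read execve socket write close".split()

def windows(trace, k=K):
    """All length-k sliding windows over a system call trace."""
    return [tuple(trace[i:i + k]) for i in range(len(trace) - k + 1)]

def build_self(traces, k=K):
    """Self database: every window observed during normal behavior."""
    db = set()
    for t in traces:
        db.update(windows(t, k))
    return db

def anomaly_rate(trace, db, k=K):
    """Fraction of windows never seen in normal behavior (0.0 if too short)."""
    w = windows(trace, k)
    return sum(x not in db for x in w) / len(w) if w else 0.0

def respond(rate, slow_at=0.05, suspend_at=0.25, kill_at=0.5):
    """Graduated response named on slide 16; the thresholds are assumptions."""
    if rate >= kill_at:
        return "kill"
    if rate >= suspend_at:
        return "suspend"
    if rate >= slow_at:
        return "slow"
    return "allow"

if __name__ == "__main__":
    db = build_self(NORMAL)
    for name, trace in (("normal", NORMAL[1]), ("suspect", SUSPECT)):
        rate = anomaly_rate(trace, db)
        print(f"{name}: {rate:.2f} -> {respond(rate)}")
```

No signature of the suspect behavior is needed: the two inserted calls alone break four of the six windows, because every window that overlaps them is new.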

17 Possible Architectures (cont.)
- Protecting a network of mutually trusting computers
  - Process is a cell. Computer is an organ. Individual is a network
  - Innate immune system
    - Host-based and network security mechanisms
  - Adaptive immune system
    - Lymphocyte processes (kernel-assisted)
    - Can migrate between computers and take appropriate action
    - One computer (or set) produces/selects/releases “lymphocytes”
    - No centralized response

18 Possible Architectures (cont.)
- Protecting a network of mutually trusting disposable computers
  - Each computer a cell. Network is the individual
  - Host-based security is the skin
  - Innate immune system
    - Network defenses (Kerberos, firewalls)
  - Adaptive immune system
    - Lymphocyte machines monitor each other’s state
    - If anomaly is detected: isolate affected machine, reboot or shut down

19 Limitations
- Different goals:
  - Biological IMS goal: survival
  - Computer security: confidentiality, integrity, availability, accountability and correctness
  - Most obvious is confidentiality. Biological IMS does not care about protecting secrets

20 Conclusion
- Skin and innate IMS (passwords, access controls, careful design) are important
- Adaptive IMS is still mostly lacking in computer systems. We need it to make systems more secure