A Study of Artificial Immune Systems Applied to Anomaly

González, Fabio Ph.D. The University of Memphis. May 2003. A Study of Artificial Immune Systems Applied to Anomaly Detection. Major Professor: Dipankar Dasgupta, Ph.D. The main goal of this research is to examine and to improve the anomaly detection function of artificial immune systems, specifically the negative selection algorithm and other self/non-self recognition techniques. This research investigates different representation schemes for the negative selection and proposes new detector generation algorithms suitable for such representations. Accordingly, different representations are explored: hyperrectangles (which can be interpreted as rules), fuzzy rules, and hyper-spheres. Four different detector generation algorithms are proposed: Negative Selection with Detection Rules (NSDR, an evolutionary algorithm to generate hypercube detectors), Negative Selection with Fuzzy Detection Rules (NSFDR, an evolutionary algorithm to generate fuzzy-rule detectors), Real-valued Negative Selection (RNS, a heuristic algorithm to generate hyperspherical detectors), and Randomized Real-valued Negative Selection (RRNS, an algorithm for generating hyper-spherical detectors based on Monte Carlo methods). Also, a hybrid immune learning algorithm, which combines RNS (or RRNS) and classification algorithms is developed. This algorithm allows the application of a supervised learning technique even when samples from only one class (normal) are available. Different experiments are performed with synthetic and real world data from different sources. The experimental results show that the proposed representations along with the proposed algorithms provide some advantages over the binary negative selection algorithm. The most relevant advantages include improved scalability, more expressiveness that allows the extraction of high-level domain knowledge, non-crisp distinction between normal and abnormal, and better performance in anomaly detection.