Intrusion Prevention and Self-Healing Algorithms Inspired by Danger Theory

In this paper, software system, design theories and
human immune system (HIS) features are used to introduce a
novel algorithm for the problem of preventing intrusions and
healing the damage which they cause. The HIS features are
analyzed and modelled to monitor network systems as to
whether the inline activities are behaving abnormally or being
attacked. The abnormal activities are prevented and healed by
the presented algorithms. We show how the use of biological
immune systems, which incorporate an innate, adaptive
immune system and self-healing mechanism, can reduce the
number of false alerts and heal the damage caused by intrusion.
This autonomous system improves the performance of the
current Intrusion Prevention System (IPS) and carries on
system continuity by using the Self–Healing (SH) mechanism.