An Immunological Approach to Change Detection: Theoretical Results

14 years 3 months ago

Download www.cs.unm.edu

: This paper examines some of the theoretical foundations of the distributable change detection method introduced by Forrest et al. in [10], including fundamental bounds on some of its parameters. A short overview is given of the reasoning behind this method, its immunological counterpart and its computer implementation. The amount of information that is lost by splitting a data stream into unordered strings can be estimated, and this estimate can be used to guide the choice of string length. A lower bound on the size of the detector set is derived, based on information-theoretic grounds. The principle of holes (undetectable nonself strings) is illustrated, along with a proof of their existence for a large class of matching rules. The influence of holes on the achievable failure rate is discussed, along with guidelines on how to avoid them.

Patrik D'haeseleer

Real-time Traffic

CSFW 1996 | Distributable Change Detection | Forrest Et Al | Security Privacy | Undetectable Nonself Strings |

claim paper

Post Info
More Details (n/a)

Added	07 Aug 2010
Updated	07 Aug 2010
Type	Conference
Year	1996
Where	CSFW
Authors	Patrik D'haeseleer

Comments (0)

Sciweavers

An Immunological Approach to Change Detection: Theoretical Results

CSFW 1996 | Distributable Change Detection | Forrest Et Al | Security Privacy | Undetectable Nonself Strings |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers