EPSRC funded Postgraduate Research Associate
Danger Theory: The Missing Link between Artificial Immune Systems and
Intrusion Detection
The central challenge with computer security is determining the
difference between normal and potentially harmful activity. For half
a century, developers have protected their systems by coding rules
that identify and block specific events. However, the nature of
current and future threats in conjunction with ever larger IT systems
urgently requires the development of automated and adaptive defensive
tools. A promising solution is emerging in the form of Artificial
Immune Systems (AIS): The Human Immune System (HIS) can detect and
defend against harmful and previously unseen invaders, so can we not
build a similar Intrusion Detection System (IDS) for our computers?
Presumably, those systems would then have the same beneficial
properties as the HIS like error tolerance, adaptation and self-
monitoring.
Current AIS have been successful on test systems, but were unable to
scale up to real-world requirements. This is caused by their
reliability on self-nonself discrimination, as stipulated in
classical immunology. However, immunologists are increasingly
finding fault with traditional self-nonself thinking and a new
'Danger Theory' (DT) is emerging. This new theory suggests that the
immune system reacts to threats based on the correlation of various
(danger) signals and it provides a method of 'grounding' the immune
response, i.e. linking it directly to the attacker. Little is
currently understood of the precise nature and correlation of these
signals and the theory is a topic of hot debate.
It is the aim of this EPSRC adventure-grant project to investigate
this correlation and to translate the DT into the realms of computer
security, thereby creating AIS that are no longer limited by self-
nonself discrimination.
A research associate is required to work on this project in the
Automated Scheduling, Optimisation and Planning group to conduct
research into models, heuristics and algorithms for automatically
producing high quality solutions to a variety of real world
optimization and scheduling problems. Since 1991, efficient
techniques have been developed to produce high quality scheduling
solutions in a practical amount of time. The group comprises of six
members of academic staff, two administrators, nine research
assistants and 24 PhD students.
Candidates should have a postgraduate qualification in computer
science, together with relevant practical experience in heuristics
and/or intrusion detection. For candidates not holding a PhD the
opportunity exists to register for a part-time PhD.
Salary will be within the range £18,265 - £20,311 per annum,
depending on qualifications and experience. This EPSRC funded post
is available immediately and will be offered on a fixed-term contract
for a period of three years.
Informal enquiries may be addressed to Dr Uwe Aickelin, Email:
[log in to unmask] Full project details are available at:
http://www.cs.nott.ac.uk/~uxa/danger.pdf.
Candidates should send a covering letter, together with a detailed CV
(including publications) and the names and addresses of two referees,
to Dr U Aickelin, School of Computer Science and IT, The University
of Nottingham, Jubilee Campus, Wollaton Road, Nottingham, NG8 1BB.
Please quote ref. EPSRC/S47809. Closing date: 21 November 2003.
Provisional interview date: 18 December 2003.
|