A cognitive adaptive artificial immunity algorithm for database intrusion detection systems

Applying artificial immune system in database security is a challenging trend to increase detection rate for internal intrusive users or administrators. Negative selection algorithm and danger theory are artificial immunity algorithms that provide promoting solutions for obtaining privacy-preserving data. This paper develops a mixed innate and adaptive immunity algorithm based on negative selection algorithm and danger they to detect unknown intrusive users based on multi-layer pattern matching. A secret sharing mechanism is applied to monitor database administrators’ transactions in a lowest possible time. The proposed immunity algorithm is based on a continuous cognitive adaptive methodology for using detected users as antigens for future faster response to unknown patterns. The key features of the presented immunity algorithm are its uniqueness for each detector, multi-layer detection and pattern matching, diversification in detecting unknown users at all levels of security, self-protection by using detected users as antigens for future detection process, and finally learning and memorization for storing previously detected users in antigen table to be used in pattern detection process. The conducted experimental results of the developed artificial immunity algorithm are compared to five algorithms and have achieved a high detection rate, low false positive and low false negative alarms.