Catalyzing Inquiry at the Interface of Computing and Biology

262 CATALYZING INQUIRY

8.2.5.4 An Example: Immunology and Intruder Detection


To detect pathogens, the immune system generates detectors that can bind to pathogens, and only to pathogens (i.e., they do not bind to self). (A detector binding to a pathogen is the marker of a detection event.) To vastly simplify a complex process, the immune system first generates detectors at random. Through a process known as tolerization, detectors that bind to self are destroyed, leaving only detectors that bind to nonself at the end; these detectors are called mature. Mature detectors are released throughout the body; if they do not bind to a nonself entity in some period of time (several days?), they are destroyed (self-destruct?). Those that do bind to nonself entities are regarded as activated detectors. However, an activated detector must receive a second, independent signal (created by the binding of another type of detector to the same pathogen, a process called costimulation) to become capable of surviving for a long period of time. These long-term survivors are memory detectors that enable subsequent immune responses to be generated much more rapidly and are the basis for long-term immunity. (Memory detectors have lifetimes that range from days to the lifetime of an organism, and the underlying mechanisms governing their lifetimes are not well understood.)
In the context of computer security, Forrest and Hofmeyr have described models for network intrusion detection and virus detection.^49 In the network intruder detection example, self is defined through a set of “normal” connections in a local area network. Each connection is defined by a triplet consisting of the addresses of the two parties in communication with each other and the port over which they communicate (a total of 49 bits), and the set of all triplets (normal triplets) generated during a training period represents, by definition, normal operation of the network.

When the network operates outside the training period, the intrusion detection system generates random detector strings that are 49 bits in length. Matches are declared according to an “r-contiguous-bit” rule—a match is deemed to exist if a random detector string matches some normal triplet in at least r contiguous bit positions. In this phase (the maturation phase), detector strings that match some normal triplet are eliminated, leaving only mature detectors that have not matched any normal triplet.

Mature detectors—which might match an abnormal triplet that arises as the result of a network intrusion—are then exposed to the nontraining network operation. If a mature detector matches some triplet found in the nontraining network operation, such a match is potentially a sign of network intrusion (which would be indicated by an unusual pair of systems communicating over an unusual port). If a mature detector does not match any such triplet in a given period of time, it too is eliminated.^50 The remaining detectors—activated detectors—are now fully capable of signaling the presence of abnormal triplets.
However, as a further guard against false positives, the system invoked a mechanism inspired by immunological costimulation. Costimulation reduces the likelihood that a pathogen will be indicated when there is no pathogen. After negative selection of lymphocytes occurs, the remaining now-mature lymphocytes are likely to bind to nonself entities encountered. However, before the lymphocytes are “promoted” to memory cells, they must be activated by a costimulatory signal indicating that the substances to which they bind are in fact pathogens. This costimulatory signal is generated independently and reduces the incidence of pathogen detectors that are overly sensitive (and hence the likelihood of autoimmune reactions).

The intrusion detection system implements a costimulatory mechanism as the requirement of a human confirmation of behavior flagged as potentially anomalous—that is, it presents matches signaled by an activated detector to a human operator for confirmation. If the system receives human confirmation within a fixed amount of time, the activated detector responsible for the warning is made
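The maturation, activation and costimulation steps described in the two passages above, as an added illustration that is not code from the report or from Forrest and Hofmeyr's system: random 49-bit detectors are negatively selected against a constructed set of normal (src, dst, port) triplets under the r-contiguous-bit rule, survivors are run over live traffic, and a confirmation callback stands in for the human operator. The 20+20+9-bit field layout, the value r = 12 and the sample connections are assumptions made for this example.

```python
import random

BITS = 49   # length of a connection triplet and of each detector string
R = 12      # r-contiguous-bit match length; this value is an assumption

def encode_triplet(src, dst, port):
    """Pack (src host, dst host, port) into a 49-bit string (assumed 20+20+9 layout)."""
    return f"{src:020b}{dst:020b}{port:09b}"

def r_contiguous_match(a, b, r=R):
    """Match rule: a and b agree in at least r contiguous bit positions."""
    run = 0
    for x, y in zip(a, b):
        run = run + 1 if x == y else 0
        if run >= r:
            return True
    return False

def negative_selection(self_set, n_candidates, rng, r=R):
    """Maturation phase: random detectors that match any normal triplet are discarded."""
    mature = []
    for _ in range(n_candidates):
        d = "".join(rng.choice("01") for _ in range(BITS))
        if not any(r_contiguous_match(d, s, r) for s in self_set):
            mature.append(d)
    return mature

def monitor(detectors, traffic, confirm, activation_threshold=1):
    """Activation plus costimulation: a detector whose matches on live traffic reach
    the activation threshold (footnote 50) is shown to `confirm` (the human operator);
    only a confirmed detector is kept, an unconfirmed one is eliminated."""
    promoted, alerts = [], set()
    for d in detectors:
        hits = [t for t in traffic if r_contiguous_match(d, t)]
        if len(hits) >= activation_threshold:
            alerts.update(hits)
            if confirm(hits):
                promoted.append(d)
    return promoted, sorted(alerts)

def demo(seed=7):
    """Constructed sample: three normal connections, then the same traffic plus one
    unusual pair of hosts talking on an unusual port."""
    rng = random.Random(seed)
    normal = [encode_triplet(1, 100, 22), encode_triplet(2, 100, 80),
              encode_triplet(3, 101, 22)]
    abnormal = encode_triplet(0xFFFFF, 0xABCDE, 511)
    mature = negative_selection(normal, 3000, rng)
    promoted, alerts = monitor(mature, normal + [abnormal], confirm=lambda h: True)
    return mature, promoted, alerts
```

Because every mature detector was selected not to match self, the normal triplets in the monitored traffic can never raise an alert; only the abnormal triplet can, and even that alert is discarded unless the operator confirms it.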


(^49) S. Forrest and S. Hofmeyr, “Immunology as Information Processing,” Design Principles for Immune Systems and Other Distributed Autonomous Systems, L.A. Segel and I.R. Cohen, eds., Oxford University Press, New York, 2001.
(^50) In fact, the mature detector is eliminated if it does not exceed some parametrically set threshold (the activation threshold) for the number of matches to abnormal triplets.
