摘要翻译：
系统调用分析是异常检测系统识别恶意代码执行的一种方法。这一过程与属于人类免疫系统的某些细胞的行为有相似之处，可以应用于构建人工免疫系统。免疫学中最近发展起来的一个假说--危险理论，指出我们的免疫系统通过感知属于入侵者的分子，加上宿主产生的指示危险和损害的信号，对入侵者的存在做出反应。我们建议将这一概念纳入响应式入侵检测系统，其中系统和运行进程的行为信息与关于单个系统调用的信息相结合。
---
英文标题：
《Malicious Code Execution Detection and Response Immune System inspired
  by the Danger Theory》
---
作者：
Jungwon Kim, Julie Greensmith, Jamie Twycross, Uwe Aickelin
---
最新提交年份：
2010
---
分类信息：

一级分类：Computer Science        计算机科学
二级分类：Artificial Intelligence        人工智能
分类描述：Covers all areas of AI except Vision, Robotics, Machine Learning, Multiagent Systems, and Computation and Language (Natural Language Processing), which have separate subject areas. In particular, includes Expert Systems, Theorem Proving (although this may overlap with Logic in Computer Science), Knowledge Representation, Planning, and Uncertainty in AI. Roughly includes material in ACM Subject Classes I.2.0, I.2.1, I.2.3, I.2.4, I.2.8, and I.2.11.
涵盖了人工智能的所有领域，除了视觉、机器人、机器学习、多智能体系统以及计算和语言（自然语言处理），这些领域有独立的学科领域。特别地，包括专家系统，定理证明（尽管这可能与计算机科学中的逻辑重叠），知识表示，规划，和人工智能中的不确定性。大致包括ACM学科类I.2.0、I.2.1、I.2.3、I.2.4、I.2.8和I.2.11中的材料。
--
一级分类：Computer Science        计算机科学
二级分类：Cryptography and Security        密码学与安全
分类描述：Covers all areas of cryptography and security including authentication, public key cryptosytems, proof-carrying code, etc. Roughly includes material in ACM Subject Classes D.4.6 and E.3.
涵盖密码学和安全的所有领域，包括认证、公钥密码系统、携带证明的代码等。大致包括ACM主题课程D.4.6和E.3中的材料。
--
一级分类：Computer Science        计算机科学
二级分类：Neural and Evolutionary Computing        神经与进化计算
分类描述：Covers neural networks, connectionism, genetic algorithms, artificial life, adaptive behavior. Roughly includes some material in ACM Subject Class C.1.3, I.2.6, I.5.
涵盖神经网络，连接主义，遗传算法，人工生命，自适应行为。大致包括ACM学科类C.1.3、I.2.6、I.5中的一些材料。
--

---
英文摘要：
  The analysis of system calls is one method employed by anomaly detection systems to recognise malicious code execution. Similarities can be drawn between this process and the behaviour of certain cells belonging to the human immune system, and can be applied to construct an artificial immune system. A recently developed hypothesis in immunology, the Danger Theory, states that our immune system responds to the presence of intruders through sensing molecules belonging to those invaders, plus signals generated by the host indicating danger and damage. We propose the incorporation of this concept into a responsive intrusion detection system, where behavioural information of the system and running processes is combined with information regarding individual system calls.
---
PDF链接：
https://arxiv.org/pdf/1003.4142