Google Answers Logo
View Question
Q: Computer viruses and AI ( Answered 5 out of 5 stars,   0 Comments )
Subject: Computer viruses and AI
Category: Computers > Algorithms
Asked by: crook-ga
List Price: $20.00
Posted: 20 Jul 2002 06:16 PDT
Expires: 19 Aug 2002 06:16 PDT
Question ID: 43157
Can you please find all research papers and information on trying to
simulate the human immune system into a computer so that it can
identify and combat computer viruses. I am trying to do this by using
a evolutionary alogrithm and virus source codes in c++.How do viruses
spread and what are past,current and future methods to moniter and
prevent them. What are the opertaing principals of anti virus
Subject: Re: Computer viruses and AI
Answered By: j_philipp-ga on 20 Jul 2002 07:32 PDT
Rated:5 out of 5 stars
Hello Crook-ga,

Here is an article on trying to simulate the immune system on a

In Machina - Computer Science Borrows Immunology Theories (by Chris

The concept by Smith, Forrest and Perelson:

"The computer immune system model (...) simulates a virus on a
computer by breaking it down into its basic components and modeling
only the patterns where the components molecularly bind. By looking at
these patterns, the scientists can determine how the immune system
responds to viruses that mutate and the effectiveness of potential

And on algorithmical strategies to determine what is a virus, and what
is not:

"In the human body, knowledge of intrusions by foreign objects is
encoded in protein fragments. (...) Ph.D. student Anil Somayaji has
come to the conclusion that a computer program's system call patterns
are the missing link. He suggests that a "normal" profile of a
computer program's pattern of system calls can be created. This
profile can then be monitored with changes to the norm readily

Somayaji notes that developing such a computer immune system is a
matter of distinguishing "self" from dangerous "other" (or "non-self")
and eliminating dangerous non-self. Protecting computer systems from
malicious intrusions can simply be viewed as the problem of
distinguishing self from non-self. Non-self might be an unauthorized
user, a foreign code in the form of a computer virus or corrupted

The following article goes into great detail on describing the

Warriors Within - How Your Immune System Combats Disease (by Alan

"The immune system continually generates large numbers of highly
diverse antibody bearing cells. Those that are capable of recognizing
self--the proteins native to the body--are eliminated, leaving a
collection of defenders that recognize and attack non-self molecules
not native to the body. The Forrest-Perelson system uses strings of
computer code that fail to match the computer's native code, in a
system closely analogous to that used by the immune system. Antibodies
that match the "self" are eliminated, while those that fail to
recognize self are kept on hand to be compared with the program at any
time. If a match is indeed later found, the program or set of
antibodies has changed, presumably through viral infection."


Also, the IBM Thomas J. Watson Research Center invests great research
in this topic. Please see the following articles on the subject:

The Virus Wars (by Robert Buderi)

On the Digital Immune System:
"The idea is to create digital white blood cells -- much as human
beings develop antibodies to biological agents -- that will be
permanently available on line. In theory, automatic virus-scouting
programs will transmit suspect codes directly to the immune center,
where they will be analyzed and debugged and the cure beamed back
before mere mortals even know there's a problem."

Anatomy of a Commercial-Grade Immune System (by the IBM Thomas J.
Watson Research Center)

Here especially the middle part on virus detection, "Immune System
Architectural Overview", should be of interest:
"Heuristics can detect a new, previously unknown virus either by its
appearance, by simulating how it will behave when run, or by actually
observing the behavior of the program or system."

Computers and Epidemiology (by the IBM Thomas J. Watson Research

Blueprint for a Computer Immune System

It is stressed in this research paper that in order for the protection
system to work, it "must be capable of detecting the presence of a
high proportion of viruses that are unknown to it specifically." The
details of generic disinfection heuristic are discussed here. For
algorithmical details and mathematical approaches, please see "Generic
disinfection implementation" a bit down on that page.

A Biologically Inspired Immune System for Computers (by Jeffrey O.

The reliance on robust pattern matching is explained further in the
following paper:

Automatic Extraction of Computer Virus Signatures (by Jeffrey O.
Kephart and William C. Arnold)

On the Extraction/Evaluation Algorithm:
"Suppose that we have just obtained a sample of a new virus imbedded
in some host (infected) executable program. We wish to find a good
signature for that virus: one that will appear in every instance of
the virus, but is extremely unlikely to appear just by coincidence in
code not containing the virus."


A broad but detailed overview can be found in the following papers
(needing Adobe Acrobat Reader):

Principles of a Computer Immune System (by the University of New
Mexico - Department of Computer Science) [PDF]

Immunity by Design: An Artificial Immune System (by Steven A. Hofmeyr
and Stephanie Forrest) [PDF]

Engineering an Immune System (by Steven A. Hofmeyr and Stephanie
Forrest) [PDF]

And, focussing on anomaly intrusion detection:

Intrusion Detection using Sequences of System Calls (by Steven A.
Hofmeyr and Stephanie Forrest) [PDF]

Also, see this research in Word format:

Information Security with Formal Immune Networks (by Alexander O.
Tarakanov, Russian Academy of Sciences) [DOC]


For general background and historical information, see:

Beyond Virtual Vaccinations - Developing a digital immune system in
bits and bytes (by Damaris Christensen)


Here is a good introductory comparison chart, highlighting the
differences and similarities between human, and computer viruses. I
hope it can serve as inspirational information:

Human Viruses and Computer Viruses - A Comparison


I wish you the best of luck in your quest, and hope this was of help!

Search strategy:
    "human immune system" "computer virus"
    "digital immune system"
    "computer immune system"
    digital "immunological system"
    "artificial immune systems"

Further articles and references:

    UNM Computer Science - Computer Immune System

    USA Today - Virus researchers: Internet needs immune system

    Symantec Virus Glossary - IBM Takes Macro Viruses to the Cleaners
    (by Jennifer Sullivan),1287,8938,00.html

    Times Computing - Closing in for the kill

    Creative Technology - Fighting the Flu - The Computer Virus

    University of Arizona - Introduction to Immunology

    Artificial Immune Systems at the Institute of Computer Science,
    Polish Academy of Sciences, Warsaw


    Artificial Immune Systems and Their Applications
    Editor: Dipankar Dasgupta
    Springer-Verlag, Inc, November 1998
    Table-of-Contents at:
    To be ordered at
crook-ga rated this answer:5 out of 5 stars
Very impressive and outstanding research.Thank you very much!!

There are no comments at this time.

Important Disclaimer: Answers and comments provided on Google Answers are general information, and are not intended to substitute for informed professional medical, psychiatric, psychological, tax, legal, investment, accounting, or other professional advice. Google does not endorse, and expressly disclaims liability for any product, manufacturer, distributor, service or service provider mentioned or any opinion expressed in answers or comments. Please read carefully the Google Answers Terms of Service.

If you feel that you have found inappropriate content, please let us know by emailing us at with the question ID listed above. Thank you.
Search Google Answers for
Google Answers  

Google Home - Answers FAQ - Terms of Service - Privacy Policy