Here is an article on trying to simulate the immune system on a
In Machina - Computer Science Borrows Immunology Theories (by Chris
The concept by Smith, Forrest and Perelson:
"The computer immune system model (...) simulates a virus on a
computer by breaking it down into its basic components and modeling
only the patterns where the components molecularly bind. By looking at
these patterns, the scientists can determine how the immune system
responds to viruses that mutate and the effectiveness of potential
And on algorithmical strategies to determine what is a virus, and what
"In the human body, knowledge of intrusions by foreign objects is
encoded in protein fragments. (...) Ph.D. student Anil Somayaji has
come to the conclusion that a computer program's system call patterns
are the missing link. He suggests that a "normal" profile of a
computer program's pattern of system calls can be created. This
profile can then be monitored with changes to the norm readily
Somayaji notes that developing such a computer immune system is a
matter of distinguishing "self" from dangerous "other" (or "non-self")
and eliminating dangerous non-self. Protecting computer systems from
malicious intrusions can simply be viewed as the problem of
distinguishing self from non-self. Non-self might be an unauthorized
user, a foreign code in the form of a computer virus or corrupted
The following article goes into great detail on describing the
Warriors Within - How Your Immune System Combats Disease (by Alan
"The immune system continually generates large numbers of highly
diverse antibody bearing cells. Those that are capable of recognizing
self--the proteins native to the body--are eliminated, leaving a
collection of defenders that recognize and attack non-self molecules
not native to the body. The Forrest-Perelson system uses strings of
computer code that fail to match the computer's native code, in a
system closely analogous to that used by the immune system. Antibodies
that match the "self" are eliminated, while those that fail to
recognize self are kept on hand to be compared with the program at any
time. If a match is indeed later found, the program or set of
antibodies has changed, presumably through viral infection."
Also, the IBM Thomas J. Watson Research Center invests great research
in this topic. Please see the following articles on the subject:
The Virus Wars (by Robert Buderi)
On the Digital Immune System:
"The idea is to create digital white blood cells -- much as human
beings develop antibodies to biological agents -- that will be
permanently available on line. In theory, automatic virus-scouting
programs will transmit suspect codes directly to the immune center,
where they will be analyzed and debugged and the cure beamed back
before mere mortals even know there's a problem."
Anatomy of a Commercial-Grade Immune System (by the IBM Thomas J.
Watson Research Center)
Here especially the middle part on virus detection, "Immune System
Architectural Overview", should be of interest:
"Heuristics can detect a new, previously unknown virus either by its
appearance, by simulating how it will behave when run, or by actually
observing the behavior of the program or system."
Computers and Epidemiology (by the IBM Thomas J. Watson Research
Blueprint for a Computer Immune System
It is stressed in this research paper that in order for the protection
system to work, it "must be capable of detecting the presence of a
high proportion of viruses that are unknown to it specifically." The
details of generic disinfection heuristic are discussed here. For
algorithmical details and mathematical approaches, please see "Generic
disinfection implementation" a bit down on that page.
A Biologically Inspired Immune System for Computers (by Jeffrey O.
The reliance on robust pattern matching is explained further in the
Automatic Extraction of Computer Virus Signatures (by Jeffrey O.
Kephart and William C. Arnold)
On the Extraction/Evaluation Algorithm:
"Suppose that we have just obtained a sample of a new virus imbedded
in some host (infected) executable program. We wish to find a good
signature for that virus: one that will appear in every instance of
the virus, but is extremely unlikely to appear just by coincidence in
code not containing the virus."
A broad but detailed overview can be found in the following papers
(needing Adobe Acrobat Reader):
Principles of a Computer Immune System (by the University of New
Mexico - Department of Computer Science) [PDF]
Immunity by Design: An Artificial Immune System (by Steven A. Hofmeyr
and Stephanie Forrest) [PDF]
Engineering an Immune System (by Steven A. Hofmeyr and Stephanie
And, focussing on anomaly intrusion detection:
Intrusion Detection using Sequences of System Calls (by Steven A.
Hofmeyr and Stephanie Forrest) [PDF]
Also, see this research in Word format:
Information Security with Formal Immune Networks (by Alexander O.
Tarakanov, Russian Academy of Sciences) [DOC]
For general background and historical information, see:
Beyond Virtual Vaccinations - Developing a digital immune system in
bits and bytes (by Damaris Christensen)
Here is a good introductory comparison chart, highlighting the
differences and similarities between human, and computer viruses. I
hope it can serve as inspirational information:
Human Viruses and Computer Viruses - A Comparison
I wish you the best of luck in your quest, and hope this was of help!
"human immune system" "computer virus"
"digital immune system"
"computer immune system"
digital "immunological system"
"artificial immune systems"
Further articles and references:
UNM Computer Science - Computer Immune System
USA Today - Virus researchers: Internet needs immune system
Symantec Virus Glossary
Wired.com - IBM Takes Macro Viruses to the Cleaners
(by Jennifer Sullivan)
Times Computing - Closing in for the kill
Creative Technology - Fighting the Flu - The Computer Virus
University of Arizona - Introduction to Immunology
Artificial Immune Systems at the Institute of Computer Science,
Polish Academy of Sciences, Warsaw
Artificial Immune Systems and Their Applications
Editor: Dipankar Dasgupta
Springer-Verlag, Inc, November 1998
To be ordered at AllHeart.com: